Senior Application Security Software Engineer
Toronto, Ontario
PointClickCare – Application Security / Full-Time / Hybrid
PointClickCare is a leading North American healthcare technology platform enabling meaningful care collaboration and real‐time patient insights. For over 20 years, the company has been focused on realizing its vision: to help create a world in which providers and plans can confidently deliver frictionless care. Since its inception, PointClickCare has grown exponentially, with over 2,200 employees working to impact millions across North America. Recognized by Forbes as one of the top 100 private cloud companies and acknowledged by Waterstone Human Capital as Canada’s Most Admired Corporate Cultures, PointClickCare leads the way in creating cloud-based healthcare software.
At PointClickCare, we offer a wealth of opportunities and a vibrant culture that empowers our employees. Our dynamic environment is the perfect place to advance your career while engaging in meaningful work alongside incredible colleagues. Here, you’ll discover a space where your talents can thrive, your career can grow, and your work will have a lasting impact on healthcare across North America. We believe that work becomes profoundly fulfilling when driven by a higher purpose.
Join us and be part of a team that is making a real impact.
To learn more about us, check out Life at PointClickCare and connect with us on Glassdoor and LinkedIn.
Team Summary
The Application Security team consists of a group of highly skilled engineers who are passionate about safeguarding our company’s applications and platforms. With a mix of remote and hybrid team members, we embrace flexibility while fostering strong collaboration across projects. Our team operates at the forefront of application security, offering opportunities to work on innovative solutions, tackle complex challenges, and make a meaningful impact on the company’s security posture. Joining this team means becoming part of a supportive environment that values growth, learning, and cutting-edge security practices.
Job Summary
As a Senior Application Security Engineer, you will be a key player in the organization’s security posture, leading efforts to secure our applications and development processes. This role requires a strategic mindset with a hands-on approach to embedding security into all aspects of our software development lifecycle. You will serve as the primary AppSec contact for multiple engineering teams, drive security initiatives, conduct in-depth security reviews, and develop security frameworks that are consumable by the engineering organization. This position requires strong expertise in secure coding, vulnerability management, Java development, and CI/CD security automation.
Key Responsibilities
· Lead Security Software Engineering & Secure Coding Initiatives: Develop, enhance, and maintain security libraries to be used across development teams. Perform deep-dive security reviews of application codebases to identify and mitigate security vulnerabilities. Provide technical guidance on implementing secure coding standards in Java and other relevant programming languages. Programming skills are mandatory for this position.
· Threat Modeling & Security Design Reviews: Conduct architecture and design reviews to identify security risks and ensure secure design principles are embedded in applications. Lead and facilitate threat modeling exercises with development teams to proactively identify and mitigate risks. Develop reusable security patterns and guidelines for engineering teams.
· Mentor & Lead Security Training: Mentor junior and intermediate AppSec engineers, fostering skill development in secure coding, threat modeling, and vulnerability management. Develop and deliver security training and awareness programs for engineers, ensuring secure coding practices are understood and adopted across teams.
· Incident Response & Continuous Improvement: Lead investigations of security incidents and vulnerabilities, performing root cause analysis and implementing long-term remediations. Monitor and analyze security trends, staying ahead of emerging threats and technologies. Contribute to security policy development and compliance efforts.
Qualifications and Skills
· Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
· 5+ years of experience in application security or secure software development.
· Hands-on experience with container security (Docker, Kubernetes) and cloud security principles (AWS, Azure, GCP).
· Proficiency in reviewing code and creating automated test cases (preferably with AI) to augment security scanning tools.
· Familiarity with DevSecOps and with integrating security into modern software development workflows.
· Experience leading threat modeling sessions and reviewing application architecture designs.
· Advanced knowledge of cryptographic principles and secure authentication mechanisms.
· Excellent problem-solving, communication, and collaboration skills.
· Experience in performing AppSec training on subjects such as threat modeling and secure application design.
$108,200 - $120,200 a year
PointClickCare Benefits & Perks:
Benefits starting from Day 1!
Retirement Plan Matching
Flexible Paid Time Off
Wellness Support Programs and Resources
Parental & Caregiver Leaves
Fertility & Adoption Support
Continuous Development Support Program
Employee Assistance Program
Allyship and Inclusion Communities
Employee Recognition … and more!
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.