Software Engineer, AppSec

Toronto, ON /
Engineering – Engineering /
/ Hybrid
Our mission is to increase the success rate of small businesses. Traditional banking has been a growth limiter rather than a growth enabler for business owners, and we’re changing that. Relay is the all-in-one, collaborative money management platform. We’re building for employer SMBs and their finance function, internal and external, and are focused on delivering a human-centric customer experience. Ultimately, we help SMBs be ‘on the money'.

We’re looking for a focused Software Engineer, AppSec, who loves delivering robust code and shipping frequently. You'll make high-impact decisions daily and have a dedicated interest to help shape the future of Relay and build a product our customers love. This is an exciting opportunity focused on improving the security of our product and internal tools. If you're looking for an opportunity to build a best-in-class banking product that is changing the way SMBs succeed apply now! *Please note that we are a hybrid environment and choose to collaborate in the office twice a week.

What You'll be Doing:

    • Manage and optimize application security in our product and internal tools
    • Triage and fix the incoming vulnerabilities that get reported
    • Perform code reviews and system design reviews to identify security vulnerabilities before they reach production
    • Provide guidance to the broader team on security best practices and the latest trends, threats, or vulnerabilities in our space
    • Proactively identify and prioritize improvements to the team’s processes, codebases, and best practices
    • Partner with our Site Reliability and Operations teams to help make changes to our application in support of security or availability improvements

Who You Are:

    • You have 3+ years of experience building web applications with complex authentication and authorization requirements in Node.js, Typescript, and AWS, preferably in the tech start-up universe
    • You have experience with secure coding practices and vulnerability scanning tools
    • You have strong knowledge of application security frameworks such as OWASP
    • You enjoy participating in security incident response
    • You have a history of mentorship and enjoy partnering with the broader engineering team to share best practices and knowledge
    • You demonstrate strong communication skills with the ability to communicate the impact of security issues in a way that’s easy for both technical and non-technical stakeholders to understand
    • You're perpetually curious and always learning - whether about the latest languages, frameworks, best practices, or the tech industry in general
    • You can rise to a challenge and handle change and uncertainty at times - we are a startup after all!
    • You're a team player - our team is small and mighty, and we collaborate constantly - we want someone who is always willing to pitch in and isn’t afraid to ask for help
    • You're a self-starter, a problem-solver, a creative thinker, and you're not afraid to share your ideas and provide and receive feedback

    • Research shows that women-identifying and other marginalized individuals tend to only apply when they meet 100% of the qualifications. If you don't have all the listed qualifications, we encourage you to apply anyway, and together we'll figure out if this is the best role for you!

Our Tech Stack:

    • Front-end: React, Typescript, Redux, Redux-Saga, React Native
    • Back-end: Node.js, Typescript, Terraform, AWS (DynamoDB, RDS Postgres, Lambda, S3, SQS, SNS, SES, ElasticSearch, ECS)
    • Tools: GitHub, GitHub Actions, Docker, CircleCI, Jira, Datadog, Metabase, VS Code
    • Integrations: Plaid, QuickBooks, Xero, Gusto, Yodlee, Finicity, Castle, Sardine, Middesk, Vero

Our Commitment To You:

    • Competitive salary and meaningful equity: every team member gets a piece of the pie. 
    • Comprehensive health benefits: we offer full health benefits + an HSA/WSA starting from day 1 so you get the coverage you need.
    • 3 weeks vacation + end-of-year holiday shutdown: we take time off to reset and recharge so we come back better for our customers.  
    • Hybrid work environment: we love collaborating and connecting in office two times a week and offer catered lunches and a snack/beverage program for the days we’re in office. Don’t forget to bring in your fury friends!
    • Personal and professional growth: support from leaders who care about your growth and success through regular feedback and coaching. Our goal is to make Relay a step-change career opportunity.
    • Top-tier equipment: we’re a Mac environment and we’ll make sure you have everything you need to produce your best work. 
    • Team-first culture: we’re passionate about working collaboratively, bonding through team events, and most importantly having fun.

What’s Important to Us:
At Relay, we believe that diversity is key to building high-performing teams, and creating an inclusive work environment is our priority. We are an equal-opportunity employer and we welcome people of diverse backgrounds, perspectives, and skills.

We will work with applicants to provide accommodations at any stage of the hiring process. If you require accommodations during the interview process, please email your People Team contact, and we will work with you to meet your needs.