Lead Software Engineer - Mobile Security
R&D – Engineering
Shopify employees make commerce better for our 600,000K+ merchants every day. This includes securing every aspect of Shopify, from storefront to the Admin panel to our mobile applications. Business happens wherever our merchants happen to be - folks no longer find themselves tethered to any particular device and all our applications require the same level of care.
If you're an application security engineer who dives deep on mobile-specific security OR a mobile developer who is constantly seeking ways to make your code more secure, we'd love to hear from you! There's a huge diversity of work to be done on the team, from helping identify and respond to application vulnerabilities to developing tools to integrate security into our mobile development process.
Requirements for the role:
- Mobile development experience. You’ve built native mobile applications for either iOS or Android (or both!), in Objective C, Swift, Java, or Kotlin
- A collaborative approach to security. You understand that developers are building great products and want to help make those products be even better
- An eye for edge cases. You see potential vulnerabilities when reviewing mobile application architecture and design roadmaps and offer detailed suggestions to secure them
- Thorough knowledge of mobile security issues. You’ve built a library in your mind of common issues, and continually learn more about new applications and issues
- Inherent creativity and curiosity. You don’t believe in forcing a new problem into an old solution, and want to find creative ways to include security in the software development process
- Experience leading a team
- Back-end web application development, especially with Ruby on Rails
- Work with bug bounty programs (like our program, for instance: https://hackerone.com/shopify)
- Experience with IDEs Xcode and Android Studio
- Establish and drive the mobile security roadmap for Shopify
- Lead and mentor a small team of mobile security engineers
- Work on projects to improve account security and abuse detection on the Shopify platform
- Act as a trusted security advisor to the mobile development teams at Shopify
- Perform security reviews, including code reviews, and guide developers on how to ship features securely
- Develop tools to help scale the mobile security assessment process
- Respond to vulnerabilities disclosed through our bug bounty program
- Provide security advice to our Retail product teams
We know that applying to a new role takes a lot of work and we truly value your time. Ash is looking forward to reading your application and hearing why you feel this role is right for you!