S'more About the Team We're looking for a new teammate to join us on the journey of keeping HelloFresh a trusted name - someone with a passion for security and appetite for new challenges. Security Engineers work in a variety of ways to constantly iterate and improve HelloFresh’s security posture.You will be part of the squad responsible for maintaining and improving HelloFresh’s Vulnerability Management Program which provides umbrella coverage to Pentest, Red Teaming, Cloud Assessment, Source Code Review, use of vulnerable dependencies, Supply Chain Audits and Bug Bounty program.Lettuce Share What This Role Will Be Responsible ForPerform network/cloud penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessmentsDevelop comprehensive and accurate reports and presentations for both technical and executive audiencesEffectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counselUse formal project management skills in planning, tracking, and reporting to close the remediation loopRecognize and safely utilize attacker tools, tactics, and procedures used to perform analysis and identify vulnerabilitiesDevelop scripts, tools, or methodologies to improve HelloFresh's Vulnerability Management ProgramSound a-peeling? Here's what we're looking for4-7 years' experience demonstrating above average ability in any 4 of the following areas of offensive security: Network, Wireless, Cloud, Web, Mobile, API Assessments, Source Code Review, Red Teaming, Social EngineeringThorough understanding of network protocols, data on the wire, client-server model, application design and architecture, and different classes of application security flawsProven proficiency in one modern scripting language like Python or GoRelevant application penetration testing certifications such as Offensive Security Web Expert (OSWE) certification, GIAC Web Application Penetration Tester (GWAPT), or equivalent mobile/web certificationParticipation in web hacking challenges, competitions or bug bountiesDevelopment of tools or plugins used to conduct security testing and analysisDeveloping, extending, or modifying exploits, shellcode or exploit toolsSource code review for control flow and security flawsStrong knowledge of tools used for cloud, wireless, web application, and network security testingLet’s cut to the cheese, this is why you'll love it hereBox Discount - Amazing discounts on 1 box per week! 75% discount on weekly HelloFresh and Chefs Plate meal kits AND 50% off weekly Factor meal box.Health & Wellness - Health & Dental benefits from day 1, a Health Spending Account, unlimited access to the Headspace app to meet your self-care needs, and 25% discount on GoodLife fitness memberships!Vacation & PTO - Time off is also an important part of self-care! We offer generous vacation and PTO to help you create a good work-life balance.Family Benefits - A parental leave top-up program for expectant parents.Growth & Development - We support your career progression and invest in your continued learning through experiences and initiatives owned by our dedicated L&D teamWork Hard & Have Fun - From team socials to engaging company days, you’ll have plenty of opportunity to experience the fun!Diversity & Inclusion Initiatives - With impactful ERG’s like FreshPride, Women Empowered and LIMES, we are committed to our diversity, equity & inclusion efforts.Food Puns - this one is kind of a big dill if you haven’t already noticed. We even have some punny meeting room names!Flexible Hybrid Approach At HelloFresh, we know that flexible work arrangements are essential in enabling you to do your best work, while balancing your personal and life needs. Offering remote work flexibility, along with the opportunity to interact and collaborate in the office are all a part of creating a great employee experience. To meet these needs, we are pleased to provide Flexible Hybrid work. Flexible Hybrid is a people-first approach that is based on choice, trust, personalization, and empowers teams to choose when and how often they work from the office and work from home, in addition to team days and company days. This means a minimum of 2 days in office per week, with most teams in office between 2-3 days a week.Toronto, ON Pay Range: $122,740—$141,950 CAD#J-18808-Ljbffr