• Kitchener, Ontario
  • Full-time
  • Product Development

Application Security Specialist

  • Reference #: 1220644

Do you have deep hands-on experience with agile development processes and have experience integrating secure development practices into the model? This role is for you!

Every day, our software is used by millions of people around the world, and we are looking for developers who share in our excitement and passion for transforming the way the world learns. At D2L, we believe that learning should be accessible and engaging. Our goal is to create easy, flexible, and smart software that ignites the desire to learn in everyone. To do this, we need to give talented, enthusiastic, and passionate people, like you, opportunities to create, develop, and collaborate on projects that revolutionize the learning environment.

About the role!

We are looking for a software developer who’s passionate about application security to continue improving how we protect our customers’ data.  As part of the InfoSec team, you will help identify security and privacy risks in our application code and software development practices, and will work closely with developers to empower them and mature the culture of security at D2L.

How will I make an Impact?

Educating and Empowering Teams

  • Ensure development teams are well-trained in application security
  • Ensure development teams are well-trained on secure development processes

Advising Teams

  • Support architecture review processes whenever application security expertise is needed
  • Support development teams whenever application security expertise is needed
  • Respond to sales inquiries whenever application security expertise is needed

Advancing Security Processes

  • Improve, support, and automate our suite of tools and processes for application security testing and validation
  • Manage routine 3rd-party penetration testing services

Responding to Incidents

  • Investigate and respond to incidents related to application security

Assessing and Reporting on Risk

  • Report on the state of application security risks to the business
  • Report on the state of application security programs and the performance of development teams against targets

What you’ll bring to the role:

  • Hands-on experience with agile development processes and can integrate secure development practices into the model. The ideal candidate has experience writing and testing web applications and web services.
  • You have familiarity with the OWASP Top 10, and are comfortable discussing and advising others on application vulnerabilities.
  • You have experience automating a variety of tasks and processes.
  • Excellent written and verbal communication skills.
  • 5+ years of relevant experience.
  • Coding experience in multiple languages, such as C#, JavaScript, PowerShell, and UNIX Shell languages.
  • Working knowledge of browser security; identity and access control; applied cryptography and security protocols
  • Having a security certification such as CISSP, CCSP or CSSLP, is a benefit, but is not required


  • Flexible work hours
  • Health and wellness programs
  • Collaborative work environment
  • Dog Friendly office
  • Snacks and food trays!
  • Foosball, Ping-pong, Darts, Pinball, Arcade and Board Games
  • Showers on site
  • Centrally located in downtown, close to restaurants and pubs, easily accessible by public transit
View more opportunities

Share this job


Disclaimer and Consent:

By clicking on the “Submit Application” button above, you acknowledge, agree and/or provide your explicit consent for the D2L family of companies

  • to use the information you have provided for the purpose of considering and evaluating you as a candidate for employment with the D2L family of companies;
  • to store your information on their vendor systems;
  • to share your information within the D2L family of companies, their vendors, partners or other third parties for the purpose of processing your employment application; and
  • to use your personal information to contact you in the future for any other suitable employment opportunities;

The D2L family of companies and its vendors, partners, and third parties and their systems may be located in jurisdictions different from your jurisdiction of residence.

For more information on how the D2L family of companies protects your privacy, please review D2L’s Privacy Statement.

D2L is committed to a fair and inclusive work environment. We are an equal opportunity employer that hires and attracts talent regardless of age, race, creed, color, religion, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, status as a protected veteran or any other legally protected grounds and will not discriminate on these bases. We draw on diversity of thought and experience to reflect the rich array of cultures representing our broad customer base and we seek talent with diversity of life experiences and perspectives from around the world. If you have special accessibility requirements that need to be considered during the recruitment process, please let us know by emailing us at careers@d2l.com and a member of our HR team will get back to you. Information received relating to accommodation needs of applicants will be addressed confidentially. D2L maintains a drug-free workplace.

To all recruitment agencies: D2L does not accept agency resumes. Please do not forward resumes to our HR alias e-mail address, to any D2L employee, or to other Desire2Learn e-mail addresses. D2L will not pay any fees related to unsolicited resumes.