We are trusted partners in the
development of secure software.

Behind the Scenes

Learning, Growth, and Passion

The culture of Security Compass is derived from one founding principle: to improve the state of software security. We offer challenging work and cutting edge research in an openly collaborative environment. We encourage you to explore ideas and test new theories.

Every member of our team is passionate about their work and provides clients with best-in-industry expertise and customer service. We believe that engaged and motivated employees lead to consistent satisfaction.

Benefits and Perks

  • Iconic representation of Flexible Schedule

    Flexible Schedule

    We support a healthy work/life balance. You have unlimited personal days to help manage your schedule.

  • Iconic representation of Learning and Growth

    Learning and Growth

    We provide a budget and environment dedicated to help you attain new skills and monthly sessions are entertained to showcase what you’ve learned.

  • Iconic representation of Hack Days

    Hack Days

    Developers are able to allocate 10% of their time to work on side projects of their choosing.

  • Iconic representation of Progressive Research

    Progressive Research

    Contribute to our research team in the fields that interest you! NFC, Drones and DDos are examples of what our team members are currently getting into.

  • Iconic representation of Friendly Events

    Friendly Events

    We have fun! Whether it’s movie night or playing paintball, dodgeball, or board games, it’s regular around here!

  • Iconic representation of Leadership

    Leadership

    Are you interested in being a team leader? We can help you prosper with our merit-based leadership program.

  • Iconic representation of Universal Acceptance

    Universal Acceptance

    Whatever your race, gender identity or sexual orientation, we welcome you to be a great part of our diverse culture!

  • Iconic representation of Workplace Democracy

    Workplace Democracy

    Our flat organization structure allows you to comfortably provide us with feedback through open doors and allows for greater innovation and communication.

Join the Team

Check out our list of available positions

+

Learning Management System Administrator

Greater Toronto Area

Security Compass is a leader and trusted partner in the development of secure software. We have extensive cross-industry knowledge, technical prowess, and have developed the right expert tools to predict, plan and prevent a security breach. Our best-in-class core products include a mix of Consulting, Training and Software Security Requirements Management Solutions.

The Training team is growing and we’ve accelerated at a four-fold pace just this past year alone. Our team is all about applying learning technologies, modern instructional techniques, and data-driven metrics to help redefine how companies learn to protect their infrastructure and software from hackers.

There is no better time than now to join Security Compass, to leverage your expertise and make a significant contribution. Help us envision, build and deliver a cutting-edge landscape for how our customers learn about IT Security.

About the Opportunity

Security Compass eLearning is our heart and soul. The Learning Management System Administrator holds the keys to managing all online eLearning for our global customers. You will:

  • Regularly inspect learning usage and ensure students are having the highest quality experience.
  • Manage and maintain course content and user data on a number of Learning Management Systems, and perform scheduled systems backups.
  • Participate in Quality Assurance testing of all new courses.
  • Investigate and troubleshoot technical issues.
  • Run reports to track and assess system usage and support tickets.
  • Provide professional customer service when addressing internal and external support requests.
  • Manage multiple projects in a fast-paced, yet fun environment.

Who You Are

Technical Instincts - You think quickly on your feet, and possess a high level of independence and technical ability to troubleshoot and solve difficult and complex problems. You thrive and flourish when challenged and possess a high degree of technical experience administering systems.

Analytical Ability - We use data-driven metrics to drive educational results. In order to understand where students may have gaps we need to constantly analyze usage, assessments and help customers understand the implications. You will be expected to provide detailed analysis and recommendations to improve the quality of training.

Detail Oriented - Our eLearning courses are regularly updated, and this role will manage all updates and regular maintenance to eLearning courses—updating courses, lessons, tests, and full deployments for new customers. You will be expected to use these skills to help provision accounts and help customers understand the processes to managing an LMS. Attention to detail is critical to provide a consistent and high level of quality.

Drive - You love to stay current in the latest LMS technologies, and are always recommending creative solutions to customers. This is more critical as we continue to grow. This may include development or procurement of tools or new technologies to assist. This requires an individual who has the self-determination towards helping accomplish our vision and to bring our customers there.

About Us

Our culture is derived from one founding principle: to improve the state of software security. We offer challenging work and cutting edge research in an openly collaborative environment. We encourage you to explore ideas and test new theories. Every member of our team is passionate about their work and provides customers with best-in-industry expertise and customer service.

Our Offer to You

  • An “open work culture” that is fun, creative, energetic, passionate and challenging where you have the ability to make a significant impact.
  • A flexible work schedule with the possibility of working from home.
  • Excellent benefits and bonus programs with full support for personal learning and growth opportunities.
  • The ability to make a difference – we are looking for passionate individuals with a desire to grow with us and define what security education should be.

Why should you work for Security Compass?

Click Here to find out! Apply Now
+

Contract Python Developer

Greater Toronto Area or Remote

We are looking for a contract Python developer to help build integrations between SD Elements, our commercial software product, and other systems. Contractors should be familiar with the Python programming language and REST and SOAP technologies.

Contractors will be assigned a specific integration task and expected to implement it remotely on their own. Selected contractors will be coached on the SD Elements API and provided guidance on how to leverage the existing framework to interface with other systems. Access to software or systems needed for integration will be provided to the selected contractors.

Please submit a resume along with a write-up explaining your relevant experience and hourly rate expectations. If selected, you will be required to interview with our integration team and complete a skill-testing exercise.

Core Competencies

  • Python
  • Proven experience working with REST and SOAP web services
  • Ability to learn software frameworks and APIs quickly
  • Effective working independently with little supervision
  • Receptive to code reviews
  • Clear written communication
  • Familiar with bug/issue tracking systems

Specific Responsibilities include:

  • Researching new APIs and connecting them to the SD Elements REST API
  • Developing mock and live test cases
  • Documenting integrations for internal use
  • Providing on-going status updates during development

Why should you work for Security Compass?

Click Here to find out! Apply Now
+

Contract Content Researcher

Anywhere

We are looking for contract researchers to help build secure development content for SD Elements. Contractors should be familiar with secure programming and/or applying compliance frameworks to software development.

Contractors will be assigned a specific, concrete set of work based on their expertise. Contractors will first be expected to understand the SD Elements research methodology and content framework.

Please submit a resume along with a writeup explaining your experience with application security and hourly rate expectations. If selected, you will be required to interview with our content research team and complete a skill-testing exercise.

Core Competencies

  • Sound knowledge of security and cryptography concepts, secure software development principals & practices, web application security and vulnerabilities
  • Proven ability to learn new technical concepts quickly
  • Clear written communication
  • Strong knowledge and experience of using the technology of interest (depending on the topic of research and contract). We will choose applicants based on the applicability of their expertise to particular research topics.
  • Strong familiarity with the concept of compliance regulations and ability to understand, use and implement compliance regulations in a particular context (An example could be writing code samples according to a particular a compliance regulation, e.g. PCI DSS v 3.0)

Specific Responsibilities include:

  • Researching security requirements and adding content, as a result, for a programming language, technology and/or framework, including building real working samples of code
  • Mapping security requirements (as presented and organized in SD Elements) to a specific compliance framework, such as the latest version of PCI DSS
  • Creating test cases to verify a set of security requirements

Why should you work for Security Compass?

Click Here to find out! Apply Now
+

Associate Application Security Consultant

Greater Toronto Area

As an Associate Application Security Consultant, you will be expected to assist with, and ultimately perform, various application-security-specific testing activities. You will participate in application security penetration testing, source code reviews, and threat modeling. You will also contribute content to draft reports based on the assessment results and gathered evidence. You will be expected to stay up-to-date with the latest developments in information security in order to contribute to talks, blogs, articles, and whitepapers.

We're looking for new graduates who are up for the challenge. Candidates must be based out of the Greater Toronto Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software engineering
  • Computer science/electrical engineering
  • IT/system and network administration OR
  • Other applicable engineering disciplines

Soft Skills

  • Self-directed learner and willing to experiment with new things
  • Excellent oral and written communication skills
  • Creative thinking ability and good analytical skills
  • Outstanding problem solving ability
  • Enthusiasm and positive attitude
  • Active listening and attention to detail
  • Professional and a team player
  • Passion for customer service is an asset

Technical Skills

  • Hands-on experience in software development, either through co-op/internship programs or personal projects
  • OR System administration (e.g. maintenance of various operating systems, networking devices and customer support), either through co-op/internship programs or personal projects
  • A general understanding of the OWASP Top 10

Tinkerer:

  • You like to pull things apart and figure out how they work
  • You like to see what can be tampered with
  • You like to see what the maker of a product didn’t think about from not only a security perspective but all perspectives
  • You like to see the big picture around a product and see how your tinkering can help the product improve as a whole

Nice to Have

  • A basic understanding of application and network security assessment techniques
  • Participation in a bug bounty (i.e., recognition for responsibly reporting an issue)
  • Participation in Hackathons/Capture-the-Flags
  • Participation in open source software projects
  • OSCP, CISSP, CSSLP, GIAC certifications

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Consultant with Software Development Background

Greater Toronto Area

We’re looking for software developers who are itching to make an impact in the application security space. As an Associate Security Consultant, you will be expected to assist with, and ultimately perform, various application-security-specific testing activities. You will participate in application security penetration testing, source code reviews, and threat modeling. You will also contribute content to draft reports based on the assessment results and gathered evidence. You will be expected to learn and stay up-to-date with the latest developments in information security in order to contribute to talks, blogs, articles, and whitepapers.

Candidates must be based out of the Greater Toronto Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software Engineering or Computer Science

Soft Skills

  • Self-directed learner and willing to experiment with new things; high level of contextual and technological adaptability (i.e., tool- and industry-agnostic)
  • Excellent oral and written communication skills
  • Creative thinking ability and good analytical skills
  • Outstanding problem solving ability
  • Enthusiasm and positive attitude
  • Active listening and attention to detail
  • Professional and a team player
  • Good decision-making skills
  • Experience working both as part of a team and independently
  • Passion for customer service is an asset
  • Experience working as a consultant is an asset

Technical Skills

  • 2-3 years of Software Development experience
  • Java EE and/or .NET
  • Agile development or CI
  • Good understanding of relational databases (MSSQL, Oracle, DB2)
  • Familiarity with one or more IDEs
  • Familiarity with two or more MVC frameworks
  • Understanding of JavaScript-based frameworks such as Node, Angular, etc., is an asset
  • Enterprise web application development is an asset
  • Familiarity with debugging, QA, deployment tools is an asset
  • Experience with one or more static code analyzers is an asset
  • Enterprise Front-end and/or Back-end web, mobile, or desktop application development is an asset

Tinkerer:

  • You like to pull things apart and figure out how they work
  • You like to see what can be tampered with
  • You like to see what the maker of a product didn’t think about from not only a security perspective but all perspectives
  • You like to see the big picture around a product and see how your tinkering can help the product improve as a whole

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Application Security Consultant

Greater Toronto Area

As an Application Security Consultant, you will be expected to perform and eventually lead various application-security-specific testing activities. In addition to the execution of traditional application security assessments, you will participate in their refinement and improvement. You will also draft reports based on the assessment results and gathered evidence, and address client inquiries regarding these results. You will be expected to stay up-to-date with the latest developments in information security in order to contribute to talks, blogs, articles, and whitepapers.

Candidates must be based out of the Greater Toronto Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software engineering
  • Computer science/electrical engineering
  • IT/system and network administration OR
  • Other applicable engineering disciplines
  • For those who don’t meet the technical skills experience requirements below: Master’s degree in one of the above disciplines

Soft Skills

  • Self-directed learner and willing to experiment with new things; high level of contextual and technological adaptability (i.e., tool- and industry-agnostic)
  • Excellent oral and written communication skills
  • Creative thinking ability and good analytical skills
  • Outstanding problem solving ability
  • Enthusiasm and positive attitude
  • Active listening and attention to detail
  • Professional and a team player
  • Good decision-making skills
  • Experience working both as part of a team and independently
  • Passion for customer service is an asset
  • Experience working as a consultant is an asset

Technical Skills

  • A deep understanding of the OWASP Top 10
  • Ability to analyze root causes and deliver strategic recommendations during client reviews
  • OSCP, CISSP, CSSLP, or GIAC certifications an asset
  • Experience with Threat Modeling an asset
  • 1-3 years experience with:
  • - Web/mobile application penetration testing
  • - Source code review
  • - Network penetration testing

Tinkerer:

  • You like to pull things apart and figure out how they work
  • You like to see what can be tampered with
  • You like to see what the maker of a product didn’t think about from not only a security perspective but all perspectives
  • You like to see the big picture around a product and see how your tinkering can help the product improve as a whole

Nice to Have

  • Participation in a bug bounty (i.e., recognition for responsibly reporting an issue)
  • Participation in Hackathons/Capture-the-Flags
  • Participation in open source software projects

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Senior Application Security Consultant

Greater Toronto Area or San Francisco Bay Area

As a Senior Application Security Consultant, you will be expected to lead and manage enterprise-wide application security projects, including vulnerability assessments, SDLC security assessments, methodology development, software security advisory, and research. You will engage with clients to understand their application security needs, scope solutions and initiatives, drive the creation of project deliverables such as vulnerability reports and executive summaries, and manage the delivery of the project. You are constantly ingesting security events and information and integrating it into your practices. You can relay that information to your colleagues and your non-technical family members with the appropriate degree of detail.

Candidates must be located in or willing to relocate to the Greater Toronto Area or San Francisco Bay Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software engineering
  • Computer science/electrical engineering
  • Other applicable engineering disciplines

Soft Skills

  • You can teach someone about anything without being an expert yourself
  • You can write executive summaries, Wikipedia entries, and fanfiction flawlessly
  • You genuinely admire sweet hacks, even if they aren’t yours
  • If getting this job were a problem, you have multiple, proven solutions already
  • Other people ask to work with you
  • You’ve already spotted several mistakes in the content of this job posting
  • ...but you’re willing to overlook them because job postings are trivial in the overall hiring process
  • You respect the third rail
  • You’ve lead a team into battle; everyone survived
  • You’re generous with your knowledge and patient with your subordinates
  • Ultimately, you know how to Get Things Done

Technical Skills

  • 4+ years of experience in an information security role (offensive or defensive)
  • Expertise in the execution and delivery of information security assessments
  • Experience with the evaluation and development of security solutions and architectures
  • A deep understanding of the common network and software security vulnerabilities
  • Ability to analyze root causes and deliver strategic recommendations during client reviews
  • OSCP, CISSP, CSSLP, or GIAC certifications an asset
  • Government security clearances an asset
  • Ability to work internationally an asset
  • Recommendations from one or more clients and/or colleagues an asset

Thinker:

  • You like reverse engineering
  • You like to push boundaries and have the common sense to know when and where
  • You believe in responsible disclosure, behaving ethically, and collaboration to achieve success
  • Your snap intuitions about a product can be trusted
  • You can prioritize and assign resources efficiently

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Senior Security Consultant

Greater Toronto Area or San Francisco Bay Area

As a Senior Security Consultant, you will be expected to lead and manage enterprise-wide security projects, including vulnerability assessments, methodology development, security advisory, and research. You will engage with clients to understand their security needs, scope solutions and initiatives, drive the creation of project deliverables such as vulnerability reports and executive summaries, and manage the delivery of the project. You are constantly ingesting security events and information and integrating it into your practices. You can relay that information to your colleagues and your non-technical family members with the appropriate degree of detail.

Candidates must be located in or willing to relocate to the Greater Toronto Area or San Francisco Bay Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software engineering
  • Computer science/electrical engineering
  • IT/system and network administration OR
  • Other applicable engineering disciplines

Soft Skills

  • You can teach someone about anything without being an expert yourself
  • You can write executive summaries, Wikipedia entries, and fanfiction flawlessly
  • You genuinely admire sweet hacks, even if they aren’t yours
  • If getting this job were a problem, you have multiple, proven solutions already
  • Other people ask to work with you
  • You’ve already spotted several mistakes in the content of this job posting
  • ...but you’re willing to overlook them because job postings are trivial in the overall hiring process
  • You respect the third rail
  • You’ve lead a team into battle; everyone survived
  • You’re generous with your knowledge and patient with your subordinates
  • Ultimately, you know how to Get Things Done

Technical Skills

  • 4+ years of experience in an information security role (offensive or defensive)
  • Expertise in the execution and delivery of information security assessments
  • Experience with the evaluation and development of security solutions and architectures
  • A deep understanding of the common network and software security vulnerabilities
  • Ability to analyze root causes and deliver strategic recommendations during client reviews
  • OSCP, CISSP, CSSLP, or GIAC certifications an asset
  • Government security clearances an asset
  • Ability to work internationally an asset
  • Recommendations from one or more clients and/or colleagues an asset

Thinker:

  • You like reverse engineering
  • You like to push boundaries and have the common sense to know when and where
  • You believe in responsible disclosure, behaving ethically, and collaboration to achieve success
  • Your snap intuitions about a product can be trusted
  • You can prioritize and assign resources efficiently

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Principal Security Consultant

Greater Toronto Area or San Francisco Bay Area

As a Principal Security Consultant, you will be expected to lead and manage teams of consultants on enterprise-wide security projects, spearhead strategic security engagements, and drive new initiatives within our security practices. You will engage and build relationships with our clients to understand their security needs, scope solutions and initiatives, act as their security subject matter expert, anticipate their problems and ultimately help solve them. You are constantly ingesting security events and information and integrating it into your practices. You can relay that information to your colleagues and your non-technical family members with the appropriate degree of detail.

Candidates must be located in, or willing to relocate to, the Greater Toronto Area or San Francisco Bay Area.

Education

Bachelor degree or minimum 3-year college diploma in:

  • Software engineering
  • Computer science/electrical engineering
  • IT/system and network administration OR
  • Other applicable engineering disciplines

Soft Skills

  • You’re an expert at building and cultivating relationships with customers and colleagues
  • You handle adverse situations calmly
  • You can teach someone about anything without being an expert yourself
  • You can write executive summaries, Wikipedia entries, and fanfiction flawlessly
  • If getting this job were a problem, you have multiple, proven solutions already
  • Other people ask to work with you
  • You’re generous with your knowledge and patient with your subordinates
  • Ultimately, you know how to Get Things Done

Technical Skills

  • 8+ years of experience in an information security role (offensive or defensive)
  • Expertise advising clients on their short-term and long-term security strategy
  • Ability to anticipate and generate new business
  • Expertise in the execution and delivery of information security assessments
  • A deep understanding of the common network and software security vulnerabilities
  • OSCP, CISSP, CSSLP, or GIAC certifications an asset
  • Government security clearances an asset
  • Ability to work internationally an asset
  • Recommendations from one or more clients and/or colleagues an asset

Thinker:

  • You have a creative spark and a knack for innovation
  • You love to lead
  • You like to mentor your junior colleagues and inspire their career development
  • You can be trusted to be the sole security advisor to large corporations because they don’t have one
  • You enjoy doing research and applying it to what you do
  • You relish the opportunity to flex your analytical muscle to solve unique problems
  • You are constantly fantasizing about the direction of the industry and how to adapt your practices to it
  • You can prioritize and assign resources efficiently

What We Offer

  • Free snacks and refreshments
  • Regular participation in CTF events
  • Engagement with the security community by hosting events such as OWASP chapter meetings
Click Here for even more perks! Apply Now
+

Network/Systems Developer

Toronto

Are you sick and tired of hearing about DDoS attacks that could have been prevented? Are you ready to have a material impact with a team that's actually making a big difference in helping companies defend against DDoS assaults? Join us at Security Compass, to help build our DDoS simulation service DDoS Strike.

We're looking for a smart, pragmatic software developer to join our downtown Toronto based team. Working with us means you will be making a positive impact on the security of systems which affect us all on a daily basis: financial, health, infrastructure, and others. Our developers interface directly with customers, take pride in ownership of the product, and have major input on what they work on.

All developers are able to spend 10% of their time working on a side-project of their choice to encourage on-going learning. Are you passionate about building real, production software? Come realize it here.

Must be able to commute into our downtown Toronto office. Telecommuting available two days per week. We primarily develop using Python.

Desired Skills & Experience

  • Strong development background and experience, preferably OO (Java, C++, Python etc..)
  • Network Programming

Nice to Have

  • Python
  • Network/Application Protocols & Security (OSI Model)
  • Some knowledge of Dev Ops/System Administration
  • Knowledge of how DDoS attacks work
  • Knowledge of Cloud IaaS (ex. AWS, Azure)
  • Knowledge of Distributed Systems
  • Asynchronous Programming
  • Experience with any of the following libraries: Tornado, scapy, Apache-libcloud
  • Experience setting up DDoS defences

Why should you work for Security Compass?

Click Here to find out! Apply Now
+

Senior Linux System Administrator

Toronto

SD Elements is looking for a smart, pragmatic Linux System Administrator with interest in DevOps and a good understanding of commercial software deployment/development to join our team. Working with us means you will be making a positive impact on the security of systems, which affect us all on a daily basis: financial, health, infrastructure, and others. We've been out for just over 4 years and our clients already include some of the most recognizable brands on the planet, with the list expanding quickly.

We are looking for good candidates with experience bridging the three worlds of development and operations and enterprise customer support. Your role will be a key in integrating, deploying and supporting platforms for our enterprise customers. The role might involve up to 25% travel time in cases the work needs to be done in customer premises.

Desired Skills & Experience

  • 3 years experience in operations, administering Linux machines.
  • Bash scripting and/or scripting experience with Python or Ruby.
  • Experience maintaining a consistent configuration across multiple servers using tools such as puppet, chef, or similar applications.
  • Experience deploying and maintaining web servers such as Apache and Nginx.
  • Experience with MVC platforms such as Django or Rails is a bonus.
  • Experience troubleshooting issues with the above technologies and other areas as needed, specifically when dealing with unfamiliar code.
  • Must be based in Canada or US. We are based in Toronto, but if you are able and interested in working remotely, we are open to it.

Why should you work for Security Compass?

Click Here to find out! Apply Now
+

Test Automation Developer (Intern - September 2015)

Toronto

Are you sick and tired of hearing about security breaches that could have been prevented? Are you ready to have a material impact with a team that's actually making a big difference in helping companies build secure software? Join us at SD Elements. We're looking for a smart, pragmatic test automation developer intern to join our downtown Toronto based team. Working with us means you will be making a positive impact on the security of systems which affect us all on a daily basis: financial, health, infrastructure, and others. We've been out for just a few year and our clients already include some of the most recognizable brands on the planet, with the list expanding quickly. Our developers interface directly with customers, take pride in ownership of the product, and have major input on what they work on. All developers are able to spend 10% of their time working on a side-project of their choice to encourage on-going learning. Are you passionate about building real, production software? Come realize it here.

We are looking for someone to build on top of and improve upon our existing continuous integration and automated testing system. General programming experience, attitude, aptitude, passion for the product, and interpersonal communication skills are more important than specific technical skillset.

Nice to Have

  • Django (What we build on)
  • Python
  • Javascript
  • CasperJS
  • Jenkins, Travis CI, or other continuous integration tools
  • Application Security

Why should you work for Security Compass?

Click Here to find out! Apply Now

We’re constantly growing and are always looking for new talent to join our team

Copyright © 2015 Security Compass and SD Elements Inc.
All Rights Reserved.
257 Adelaide Street West, Suite 500, Toronto ON, Canada, M5H 1X9
Mail: 1801—1 Yonge Street, Toronto ON, Canada, M5E 1W7 | 1.888.777.2211 | info@securitycompass.com | Privacy Policy

Contact Us!

Security Compass Logo