Application Security Specialist

About CoLab

At CoLab, we help mechanical engineering teams bring life‑changing products to market years sooner. CoLab is a cloud based platform for engineering design review that enables subject matter experts (SMEs) to access, evaluate, and comment on 2D drawings and 3D models. Our built‑in AI peer checker, AutoReview, scans designs for common errors or non‑compliance with your standards and guidelines, creating markups and comments on your files just like a human checker. Human SMEs and AI work together to improve designs faster and capture knowledge across your business, ensuring every lesson learned and design guideline is applied exactly when it matters. Companies such as Johnson Controls, Komatsu, Schaeffler, and Polaris have launched products 40% faster, cut BOM costs by 50%, and reduced quality escapes by 15% in one year.

About the Role

CoLab is looking for an Application Security Specialist. Your focus is catching vulnerabilities before they reach production. You will be embedded in multiple product build teams (2–3 squads), attending stand‑ups, reviewing feature work, and stress‑testing our applications and tools for risk. Your day‑to‑day involves deeply understanding how our software works and figuring out how to break it. Taking direction from the Director of AppSec, this role is ideal for someone early in their security career (dev, QA or pentesting exposure) who is deeply motivated to learn and ready to work hard to get better.

What You’ll Do

• Review and risk rate upcoming features based on potential security impact, working closely with devs on high‑risk projects.
• Conduct manual and exploratory security testing on features before they ship.
• Actively participate in team stand‑ups for 2–3 development teams, building trust and offering guidance when needed.
• Think like an attacker and uncover issues devs may not see.
• Manage and support internal security tools (e.g., SemGrep, Datadog, Retool) and help teams use them responsibly.
• Continuously improve our security review process, tooling, and internal documentation.
• Shadow senior security team members and pursue self‑guided learning to level up your skills.

You’ll Thrive in This Role If

Must‑Haves

Nice‑to‑Haves

The Extra Details

Compensation : Full‑time, permanent role with competitive compensation and stock options.

Benefits : Unlimited vacation, extended health coverage, and 5% RRSP matching.

Location : Remote‑first within Canada. HQ is in St. John’s, NL, Canada with optional hybrid if you’re local.

Equity Note

Frequently cited statistics show that people who identify with historically marginalized groups are likely to apply to jobs only if they meet 100% of the qualifications. We encourage you to help us break that statistic and apply even if you don’t meet every single qualification—your potential is what matters most to us.

#J-18808-Ljbffr