Product Security Engineer

Movable Ink · Movable Ink - Toronto · Engineering

Posted 2026-01-26

Apply for this role →

Movable Ink scales content personalization for marketers through data-activated content generation and AI decisioning. The world’s most innovative brands rely on Movable Ink to maximize revenue, simplify workflow and boost marketing agility. Headquartered in New York City with close to 600 employees, Movable Ink serves its global client base with operations throughout North America, Central America, Europe, Australia, and Japan.

Movable Ink is hiring a Product Security Engineer to help secure our codebases, CI/CD pipelines, and development practices. To succeed in this role, you'll balance a security-first mindset with a practical understanding of how engineering teams ship software: finding ways to reduce risk without slowing down delivery. This is a hands-on opportunity to build and improve the automation that keeps our code and infrastructure safe, working closely with both the Security and Engineering teams. As AI coding tools and supply chain attacks increase risk across the industry, this role is critical to staying ahead of vulnerabilities before they reach production.

Responsibilities:

Implement and maintain static application security testing (SAST) using Semgrep across our repositories

Configure and improve software composition analysis (SCA) tooling (Dependabot) to identify vulnerable dependencies

Manage secrets detection scanning (Trufflehog) and respond to findings

Integrate security scanning into CI/CD pipelines (GitHub Actions) to catch issues before code is merged

Triage and prioritize vulnerability findings, working with engineering teams to drive remediation

Support dynamic application security testing (DAST) efforts using tools like ZAP

Contribute to our Application Security Posture Management (ASPM) platform to centralize findings and track remediation

Set up and configure automation scripts to support our vulnerability management practices

Document secure coding guidelines and help educate developers on security best practices

Evaluate and recommend new security tools as the landscape evolves

Qualifications:

2+ years of experience in application security, DevSecOps, or a security-focused software engineering role

Hands-on experience with SAST, SCA, or secrets scanning tools (Semgrep, Dependabot, Snyk, or similar)

Familiarity with CI/CD pipelines and GitHub Actions

Understanding of common web application vulnerabilities (OWASP Top 10) and how to detect/prevent them

Experience reading and reviewing code in at least one language (Ruby, Python, JavaScript, or Go preferred)

Comfortable navigating codebases and working with engineering teams to explain and prioritize security findings

Strong written communication skills for documentation and customer-facing security responses

Self-motivated and able to manage competing priorities in a fast-paced environment

The base pay range for this position is $133,000-$173,000 CAD/year, which can include additional bonus depending on the position ultimately offered, in addition to a full range of medical, financial, and/or other benefits. The base pay offered may vary depending on job-related knowledge, skills, and experience.

Studies have shown that women, communities of color, and historically underrepresented people are less likely to apply to jobs unless they meet every single qualification. We are committed to building a diverse and inclusive culture where all Inkers can thrive. If you’re excited about the role but don’t meet all of the abovementioned qualifications, we encourage you to apply. Our differences bring a breadth of knowledge and perspectives that makes us collectively stronger.

We welcome and employ people regardless of race, color, gender identity or expression, religion, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, ethnicity, family or marital status, physical and mental ability, political affiliation, disability, Veteran status, or other protected characteristics. We are proud to be an equal opportunity employer.

Apply for this role →

← Back to all crypto jobs