Entry Level Software Engineer - Application Security (Remote - Canada)

Yelp engineering culture is driven by our values: we’re a cooperative team that values individual authenticity and encourages creative solutions to problems. All new engineers deploy working code their first week, and we strive to broaden individual impact with support from managers, mentors, and teams. At the end of the day, we’re all about helping our users, growing as engineers, and having fun in a collaborative environment.

Yelp is looking for an entry level Application Security Engineer to join our team and help safeguard our applications and services from emerging security threats. In this role, you’ll have the opportunity to learn and make a meaningful impact on the security of products used by millions of people every day. You’ll work closely with software engineers across the company to build secure-by-default systems and ensure security is woven into every stage of development.

As a Software Engineer on the Security team at Yelp, you will contribute to full stack projects while collaborating with our engineering teams to build safe tools, libraries, and features that protect our users and infrastructure. You’ll identify and fix vulnerabilities in our applications and services, and partner with external researchers through our public bug bounty program to continuously improve our security posture.

This opportunity is fully remote and does not require you to be located in any particular area in Canada. We welcome applicants from throughout Canada. We’d love to have you apply, even if you don’t feel you meet every single requirement in this posting. At Yelp, we’re looking for great people, not just those who simply check off all the boxes.

• Collaborate with cross-functional engineering teams (mobile, frontend, backend) to perform threat modeling, conduct security reviews, and design secure libraries that enhance the security of Yelp’s applications and services.
• Develop and deploy services for login and account security specific to Yelp’s website and mobile apps.
• Support security incident response and contribute to the team’s operational activities, including triaging bug bounty submissions and vulnerability reports from internal security tools.
• Build automated solutions to detect and prevent potential security threats within Yelp’s application and services.
• Promote security best practices and policies to be incorporated within software development life cycle.
• Be a team player who lives the Yelp Values and thrives in a diverse and inclusive work culture.

• Previous education or equivalent experience in Cybersecurity, or a related field.
• Full Stack software development background with an interest in application security.
• Understanding of web application security, mobile security, APIs, and cloud security.
• Command of your favorite modern programming language(s) -Python, Java, Javascript - React, Swift and/or Objective-C.
• Security research and pen testing experience are assets.