Movable Ink

Product Security Engineer

Posted 2 Days Ago

Easy Apply

Be an Early Applicant

Toronto, ON

Hybrid

Mid level

Artificial Intelligence • Marketing Tech • Software

The magic behind your marketing.

The Role

The Product Security Engineer will implement security testing, manage vulnerabilities in codebases, and integrate security practices into CI/CD pipelines while collaborating with engineering teams.

Summary Generated by Built In

Movable Ink scales content personalization for marketers through data-activated content generation and AI decisioning. The world’s most innovative brands rely on Movable Ink to maximize revenue, simplify workflow and boost marketing agility. Headquartered in New York City with close to 600 employees, Movable Ink serves its global client base with operations throughout North America, Central America, Europe, Australia, and Japan.

Movable Ink is hiring a Product Security Engineer to help secure our codebases, CI/CD pipelines, and development practices. To succeed in this role, you'll balance a security-first mindset with a practical understanding of how engineering teams ship software: finding ways to reduce risk without slowing down delivery. This is a hands-on opportunity to build and improve the automation that keeps our code and infrastructure safe, working closely with both the Security and Engineering teams. As AI coding tools and supply chain attacks increase risk across the industry, this role is critical to staying ahead of vulnerabilities before they reach production.

Responsibilities:

Implement and maintain static application security testing (SAST) using Semgrep across our repositories
Configure and improve software composition analysis (SCA) tooling (Dependabot) to identify vulnerable dependencies
Manage secrets detection scanning (Trufflehog) and respond to findings
Integrate security scanning into CI/CD pipelines (GitHub Actions) to catch issues before code is merged
Triage and prioritize vulnerability findings, working with engineering teams to drive remediation
Support dynamic application security testing (DAST) efforts using tools like ZAP
Contribute to our Application Security Posture Management (ASPM) platform to centralize findings and track remediation
Set up and configure automation scripts to support our vulnerability management practices
Document secure coding guidelines and help educate developers on security best practices
Evaluate and recommend new security tools as the landscape evolves

Qualifications:

2+ years of experience in application security, DevSecOps, or a security-focused software engineering role
Hands-on experience with SAST, SCA, or secrets scanning tools (Semgrep, Dependabot, Snyk, or similar)
Familiarity with CI/CD pipelines and GitHub Actions
Understanding of common web application vulnerabilities (OWASP Top 10) and how to detect/prevent them
Experience reading and reviewing code in at least one language (Ruby, Python, JavaScript, or Go preferred)
Comfortable navigating codebases and working with engineering teams to explain and prioritize security findings
Strong written communication skills for documentation and customer-facing security responses
Self-motivated and able to manage competing priorities in a fast-paced environment

Studies have shown that women, communities of color, and historically underrepresented people are less likely to apply to jobs unless they meet every single qualification. We are committed to building a diverse and inclusive culture where all Inkers can thrive. If you’re excited about the role but don’t meet all of the abovementioned qualifications, we encourage you to apply. Our differences bring a breadth of knowledge and perspectives that makes us collectively stronger.

We welcome and employ people regardless of race, color, gender identity or expression, religion, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, ethnicity, family or marital status, physical and mental ability, political affiliation, disability, Veteran status, or other protected characteristics. We are proud to be an equal opportunity employer.

Top Skills

Dependabot

Github Actions

JavaScript

Python

Ruby

Semgrep

Trufflehog

Zap

What the Team is Saying

View all jobs at Movable Ink

View Movable Ink Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: New York, NY

600 Employees

Year Founded: 2010

What We Do

Movable Ink personalizes every customer engagement through automation and artificial intelligence. The world’s most innovative brands rely on Movable Ink to maximize revenue, simplify workflow and achieve the optimal customer experience. Headquartered in New York City with 600 employees, Movable Ink serves its global client base with operations throughout North America, Central America, Europe, and Australia.

Why Work With Us

Look closely at any Inker and you will find that our values remain heartfelt and timeless. We seek out knowledge and cultivate our intuition. We understand that communication starts by listening, understanding, and caring about others' success. We set a high personal bar, believe nothing is impossible, and commit ourselves fully to the goal.