We’re looking for a...

Lead Software Engineer - Product Security

Job post summary
Specialty Engineering and Development
Team Engineering

About the role

Shopify is creating the future of commerce, and to do this we can’t second-guess every new idea. Our product security team wants Shopify to ship boldly for our 600K+ merchants. They teach our engineering teams to build security into their products and they build safeguards to catch issues before they go live. They also work closely with security researchers to make Shopify a more secure platform than it ever was before. At the end of the day, we want folks here to run with product ideas that could be really valuable (regardless of how wild!), knowing that our team has their backs and is there to support their ideas with the right safeguards. 

We are looking for a Technical Lead to build out security tooling for product developers across Shopify. Coming in at this level, you will get involved at the early stages of projects, providing input through design reviews. You will be working on projects and tools that have an impact across Shopify, and partner with teams to ensure that security is embedded throughout a product’s lifecycle.

In addition to our Engineering Blog, here are a few links to give you an idea of the type of work our teams have done:

1. Kristina Balaam’s session for Shopify Partners regarding secure development practices

2. Pete Yaworski’s year in review of our bug bounty program

3. better-html, a Ruby gem released by our team


  • Build out security tools and frameworks to ensure that Shopify doesn’t slow down.
  • Lead multiple projects and prioritize which needs the most attention.
  • Share knowledge and provide technical leadership to others on the team. 
  • Partner with merchant-facing product teams to build usable security features into their products.
  • Provide security advice to developers across Shopify.
  • Maintain trust with Shopify engineering teams. 

Requirements for the role:

  • Security-specific development experience. You’ve spent several years building security tools and features that scale with a growing company.
  • Partnering with non-security development teams. You’re able to communicate security-speak to anyone.
  • Ability to operate independently, but not as a silo. You require minimal supervision, but understand the value of collaborating and knowledge-sharing.
  • Keeping a bird’s eye view. You’ve seen projects through from road-mapping to completion, knowing who else to loop in in the process.
  • Good working knowledge of the OWASP Top 10. You’re a super great teammate at hacker trivia night.

Bonus experience:

  • Note: if some of this tech is new to you, that's okay! We realise that not everyone has worked with this stack before and provide opportunities for learning as you go.
  • Developing software in any of these languages: Ruby on Rails, Go, Lua, Python, Javascript, MySQL
  • Building security features for applications running on public cloud: GCP, AWS, Azure

We know that looking for a new role can be both exciting and time-consuming, and we truly appreciate your effort. Krystle is an actual real live person (👋🏻) and is looking forward to learning more about you. Tell us why this is the role for you!

Job postings for similar
Position Team Location
Web Team Lead, Core Engineering Montreal, Canada
Director of Production Security Engineering Toronto, Canada
Production Engineering - Edgescale - Domains and Notifications Production Engineering Ottawa, Canada
Production Engineering - Developer Tools Manager Production Engineering Ottawa, Montreal, Toronto, Waterloo, Remote UTC -4 to UTC -8 time
Lead Software Engineers - Shipping Services Engineering Ottawa, Toronto
Senior Software Developer Engineering Montreal, Canada
Senior Software Engineer - Shipping Services Engineering Ottawa, Toronto
Production Engineering - Edgescale - Domains and Notifications Production Engineering Toronto, Canada
Choose your own Security Engineering adventure Engineering Toronto, Canada
Engineering Lead - App & Partner Platform Engineering Toronto, Canada
Technical Developer Lead, Shopify Plus Engineering Waterloo, Canada
Technical Program Manager (Web) Engineering Ottawa, Toronto
Developer - Billing Engineering Ottawa, Canada
Senior Software Developer- App & Partner Platform Engineering Toronto, Canada
Lead Software Developer Engineering Toronto, Canada
Lead Software Engineer Engineering Ottawa, Canada
Production Engineering - Kafka Infrastructure Engineer Production Engineering Montreal, Canada
Production Engineering - Kafka Infrastructure Engineer Engineering Waterloo, Canada
Production Engineering - Kafka Infrastructure Engineer Engineering Montreal, Canada
Lead Software Engineer - Security Engineering Toronto, Canada