Lead Application Security Researcher

OPENTEXT - THE INFORMATION COMPANY

OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.

AI-First. Future-Driven. Human-Centered.

At OpenText, AI is at the heart of everything we do—powering innovation, transforming work, and empowering digital knowledge workers. We're hiring talent that AI can't replace to help us shape the future of information management. Join us.

Job Title: Lead Application Security Researcher (Fortify) in Ottawa/Richmond Hill/Waterloo, ON - Hybrid 

About Our Team:

OpenText Software Security Research (SSR) Team specializes in approaching security from the perspective of how we build and use software. Our team is responsible for conducting security research which leads to enhanced security products as well as contributions to the Security Research Blog, whitepapers, conference presentations, and Cyber Risk Report. Furthermore, our team has identified new types of software vulnerabilities, defined the taxonomy used by all Fortify products, and highlighted broad security problems in development practices.

Fortify SSR is seeking a self-driven enterprise Lead Software Security Researcher who understands that security is more than firewalls and encryption.

Your Impact:

A Software Security Research role at OpenText is more than just a job; it's an opportunity to impact safety, security, and lives. As a key contributor, you will understand a wide range of application security research techniques, programming languages, standards, best practices, and vulnerability types. You will be involved in monitoring the state of industry by working collaboratively with internal teams, SMEs, external customers, auditors, and other stakeholders while defining the next generation of vulnerability techniques. You will be encouraged to cultivate an engineering and researcher mindset, driving innovative security solutions and processes that address real-world problems and shape the future.

 What the role offers:

As a Lead Security Researcher, you will:

• Create algorithms to help people find potential vulnerabilities in their code
• Finding 0 days in open-source projects and customer code
• Investigating and implementing techniques to exploit security vulnerabilities
• Discovering new methods for automatic identification of vulnerabilities
• Extracting the essence of known vulnerabilities to shape products of the future
• Help educate and evangelize security best practices to users and those around you
• Publishing and presenting Fortify's research and other relevant security topics
• Keeping up with and assessing the latest trends in software security 

What you need to Succeed:

• Master's or PhD in relevant Computer Science, Cyber Security, or Engineering program with 3+ years of experience in a security engineering role, or in a software development role with a strong focus in enterprise security
• Alternatively, a Bachelor's degree with 5+ years of relevant application security experience
• In-depth understanding of mobile and/or web enterprise application programming languages (e.g. Java, Kotlin, Swift, Objective-C, C#) 
• Extensive experience with common software security flaws
• Excellent analytical and problem-solving skills 
• Strong technical communication skills with the ability to effectively communicate product architectures and design proposals
• Interest in software security and secure development

Nice to have:

• Proficient in multiple additional programming and scripting languages (e.g., Go, C/C++, Scala, Python, JavaScript)
• Source code auditing experience (especially Fortify SCA)
• Experience working in a large enterprise software development environment (e.g., agile, scrum)
• Data science or AI experience

One last thing:

OpenText is more than just a corporation, it's a global community where trust is foundational, the bar is raised, and outcomes are owned. 

Join us on our mission to drive positive change through privacy, technology, and collaboration. At OpenText, we don't just have a culture; we have character. Choose us because you want to be part of a company that embraces innovation and empowers its employees to make a difference.

#LI-KP2

OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws.

If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenText's vibrant workplace.