PointClickCare is a leading North American healthcare technology platform enabling meaningful care collaboration and real‐time patient insights. For over 20 years, the company has been focused on realizing its vision: to help create a world in which providers and plans can confidently deliver frictionless care. Since its inception, PointClickCare has grown exponentially, with over 2,200 employees working to impact millions across North America. Recognized by Forbes as one of the top 100 private cloud companies and acknowledged by Waterstone Human Capital as Canada’s Most Admired Corporate Cultures, PointClickCare leads the way in creating cloud-based healthcare software.
At PointClickCare, we offer a wealth of opportunities and a vibrant culture that empowers our employees. Our dynamic environment is the perfect place to advance your career while engaging in meaningful work alongside incredible colleagues. Here, you’ll discover a space where your talents can thrive, your career can grow, and your work will have a lasting impact on healthcare across North America. We believe that work becomes profoundly fulfilling when driven by a higher purpose.
Join us and be part of a team that is making a real impact.
To learn more about us, check out Life at PointClickCare and connect with us on Glassdoor and LinkedIn.
The Team
The Application Security team consists of a group of highly skilled engineers who are passionate about safeguarding our company’s applications and platforms. With a mix of remote and hybrid team members, we embrace flexibility while fostering strong collaboration across projects. Our team operates at the forefront of application security, offering opportunities to work on innovative solutions, tackle complex challenges, and make a meaningful impact on the company’s security posture. Joining this team means becoming part of a supportive environment that values growth, learning, and cutting-edge security practices.
The Senior App Sec Engineer plays a key role in ensuring the security of our applications and systems by supporting the design and implementation of secure architecture practices. This role exists to help the organization proactively identify and mitigate security risks during the development lifecycle, ensuring alignment with industry best practices and compliance standards. As a Junior Architect, you will collaborate with development teams to integrate security into application designs, assist with threat modeling, and support the adoption of secure coding standards. This position provides an excellent opportunity to grow technical and architectural skills in a fast-paced, security-first environment.
Key Responsibilities
· Assist in designing secure application and system architectures that align with organizational and compliance requirements.
· Collaborate with senior architects and development teams to ensure security is integrated into design and development processes.
· Responsible for contributing to the development of secure and scalable frameworks by assisting senior architects in designing and implementing foundational components that align with organizational security standards and best practices.
· Document security controls and architectural decisions for future reference.
· Perform threat modeling to identify and evaluate potential security risks in application designs.
· Work with cross-functional teams to recommend mitigation strategies for identified threats.
· Maintain and update threat models as applications and systems evolve.
· Provide guidance on secure coding practices and assist development teams in adhering to security standards.
· Review technical specifications and requirements to ensure security is embedded throughout the development lifecycle.
· Conduct security-focused design reviews for new features and applications.
· Support the implementation and integration of security tools into CI/CD pipelines.
· Help monitor and analyze tool outputs to identify and prioritize security improvements.
· Research and suggest tools or technologies to enhance security architecture practices.
· Assist in developing and delivering training sessions on secure design principles and practices.
· Stay current with industry trends and emerging threats to contribute to team knowledge sharing.
Qualifications and Skills
· 5-7 years of experience in equivalent role.
· Bachelor’s degree in computer science, Cybersecurity, or related field.
· Basic understanding of OWASP Top 10 and common vulnerabilities (e.g., SQLi, XSS, CSRF).
· Familiarity with advanced vulnerability classes, such as business logic flaws and secure application design principles.
· Awareness of software architecture patterns and principles (e.g., microservices, REST APIs).
· Understanding of secure architecture frameworks like SABSA or CSA.
· Good exposure to threat modeling techniques (e.g., STRIDE).
· Hands-on experience performing and documenting threat models for applications and systems.
· Familiarity with secure software development lifecycle (SDLC) principles.
· Experience integrating security requirements into SDLC and collaborating with development teams.
· Proficiency in a programming language (e.g., Java, JavaScript and Python).
· Awareness of cloud security principles and basic knowledge of platforms like AWS, Azure, or GCP.
· Hands-on experience implementing or auditing cloud security controls in a major cloud provider.
· Strong analytical skills with the ability to communicate basic security concepts to development teams.
· Proven ability to lead discussions on security design, risk prioritization, and architecture improvements.
· Familiarity with security tools (e.g., static code analysis, SAST/DAST tools).
· Experience configuring and using security tools within CI/CD pipelines for automated security testing.
#LI-AJ1
#LI-hybrid
PointClickCare Benefits & Perks:
Benefits starting from Day 1!
Retirement Plan Matching
Flexible Paid Time Off
Wellness Support Programs and Resources
Parental & Caregiver Leaves
Fertility & Adoption Support
Continuous Development Support Program
Employee Assistance Program
Allyship and Inclusion Communities
Employee Recognition … and more!
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact [email protected] should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: [email protected]
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
Top Skills
PointClickCare Mississauga, Ontario, CAN Office
5570 Explorer Drive, Mississauga, Ontario, Canada
