Senior Application Security Engineer
HelloFreshRole Overview
HelloFresh is hiring a Senior Application Security Engineer. This is a full-time role in Toronto, Ontario. Part of HelloFresh's Mobile hiring, posted last week. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Salary Context
Salary is not disclosed in this posting. Market median for Senior-level Mobile roles is $150k-$203k (based on 73 comparable listings). Many employers share specifics during the interview process or after an initial screen.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
S'more about the team
We’re looking for a new teammate to join us on the journey of keeping HelloFresh a trusted name - someone with a passion for security and appetite for new challenges. Security Engineers work in a variety of ways to constantly iterate and improve HelloFresh’s security posture.
You will be part of the squad responsible for maintaining and improving HelloFresh’s Vulnerability Management Program which provides umbrella coverage to Pentest, Red Teaming, Cloud Assessment, Source Code Review, use of vulnerable dependencies, Supply Chain Audits and Bug Bounty program.
Lettuce share what this role will be responsible for
- Perform network/cloud penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
- Use formal project management skills in planning, tracking, and reporting to close the remediation loop
- Recognize and safely utilize attacker tools, tactics, and procedures used to perform analysis and identify vulnerabilities
- Develop scripts, tools, or methodologies to improve HelloFresh's Vulnerability Management Program
Sound a-peeling? Here's what we're looking for
- 4-7 years' experience demonstrating above average ability in any 4 of the following areas of offensive security: Network, Wireless, Cloud, Web, Mobile, API Assessments, Source Code Review, Red Teaming, Social Engineering
- Thorough understanding of network protocols, data on the wire, client-server model, application design and architecture, and different classes of application security flaws
- Proven proficiency in one modern scripting language like Python or Go
- Relevant application penetration testing certifications such as Offensive Security Web Expert (OSWE) certification, GIAC Web Application Penetration Tester (GWAPT), or equivalent mobile/web certification
- Participation in web hacking challenges, competitions or bug bounties
- Development of tools or plugins used to conduct security testing and analysis
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Source code review for control flow and security flaws
- Strong knowledge of tools used for cloud, wireless, web application, and network security testing
Let’s cut to the cheese, this is why you'll love it here
- Box Discount - Amazing discounts on 1 box per week! 75% discount on weekly HelloFresh and Chefs Plate meal kits AND 50% off weekly Factor meal box.
- Health & Wellness - Health & Dental benefits from day 1, a Health Spending Account, unlimited access to the Headspace app to meet your self-care needs, and 25% discount on GoodLife fitness memberships!
- Vacation & PTO - Time off is also an important part of self-care! We offer generous vacation and PTO to help you create a good work-life balance.
- Family Benefits - A parental leave top-up program for expectant parents.
- Growth & Development - We support your career progression and invest in your continued learning through experiences and initiatives owned by our dedicated L&D team
- Work Hard & Have Fun - From team socials to engaging company days, you’ll have plenty of opportunity to experience the fun!
- Diversity & Inclusion Initiatives - With impactful ERG’s like FreshPride, Women Empowered and LIMES, we are committed to our diversity, equity & inclusion efforts.
- Food Puns - this one is kind of a big dill if you haven’t already noticed. We even have some punny meeting room names!
Flexible Hybrid Approach
At HelloFresh, we know that flexible work arrangements are essential in enabling you to do your best work, while balancing your personal and life needs. Offering remote work flexibility, along with the opportunity to interact and collaborate in the office are all a part of creating a great employee experience.
To meet these needs, we are pleased to provide Flexible Hybrid work. Flexible Hybrid is a people-first approach that is based on choice, trust, personalization, and empowers teams to choose when and how often they work from the office and work from home, in addition to team days and company days. This means a minimum of 2 days in office per week, with most teams in office between 2-3 days a week.
#LI-HYBRID
HelloFresh Canada uses AI-integrated technology to help us process and evaluate applications more efficiently. This includes tools that screen and assess candidate qualifications based on the requirements for this role. While these tools assist our workflow, all final selection decisions are made by our hiring team.
This is a posting for an existing vacancy. We are actively seeking to fill this position.
About HelloFresh
HelloFresh
hellofresh.com
143 other open roles at HelloFresh on TryApplyNow.
Frequently Asked Questions
How do I apply for the Senior Application Security Engineer position at HelloFresh?
Use the Apply button above to submit your application directly to HelloFresh. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Where is the Senior Application Security Engineer position at HelloFresh located?
This position is based in Toronto, Ontario. HelloFresh has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.
What does a Senior Application Security Engineer at HelloFresh earn?
HelloFresh has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Senior Application Security Engineer role at HelloFresh posted?
This role was posted on July 1, 2026 (11 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
How much experience does the Senior Application Security Engineer role at HelloFresh require?
This is a senior-level position. Most senior roles call for 5+ years of directly relevant experience. HelloFresh lists their specific requirements in the description below, so review the must-have qualifications closely before applying.
Similar Jobs
Senior React Native Developer, Growth
HelloFresh
Senior Executive IT Support Specialist
NICE
Software Engineer, New Grad, Developer & End User Experience Platform
Stripe
Senior Android Engineer, iRAD
Robinhood
Quality Engineer, iOS/Android
Robinhood
More Jobs at HelloFresh
View all →[US DC] Senior Manager, Planning
HelloFresh
Staff Product Manager, Customer Decisioning & CLV
HelloFresh
Sous Chef
HelloFresh
Senior Manager, Business Development - Factor for Business
HelloFresh
Senior Construction Manager
HelloFresh
AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start