Lead Application Security Researcher (Fortify)

Job Description

Lead Application Security Researcher (Fortify)

OpenText is a global leader in information management, where innovation, creativity, and collaboration are the core of our corporate culture. As a member of our team, you will partner with world‑leading companies, tackle complex challenges, and contribute to projects that shape the future of digital transformation.

About Our Team

OpenText Software Security Research (SSR) Team focuses on security from the perspective of how we build and use software. The team conducts security research that leads to enhanced security products, whitepapers, conference presentations, and the Cyber Risk Report. We have identified new types of software vulnerabilities, defined the taxonomy used by all Fortify products, and highlighted broad security problems in development practices.

Your Impact

A Software Security Research role at OpenText is more than a job; it is an opportunity to impact safety, security, and lives. As a key contributor, you will master application security research techniques, programming languages, standards, best practices, and vulnerability types. You will monitor industry trends, collaborate with internal teams, SMEs, external customers, auditors, and other stakeholders, and define the next generation of vulnerability techniques. Your engineering and research mindset will drive innovative security solutions that address real‑world problems.

What The Role Offers

• Create algorithms that help people find potential vulnerabilities in their code


• Identify 0 days in open‑source projects and customer code


• Investigate and implement techniques to exploit security vulnerabilities


• Discover new methods for automatic identification of vulnerabilities


• Extract the essence of known vulnerabilities to shape future products


• Educate and evangelize security best practices to users and peers


• Publish and present Fortify’s research and other relevant security topics


• Keep up with and assess the latest trends in software security

What You Need To Succeed

• Master’s or PhD in Computer Science, Cyber Security, or Engineering with 3+ years in security engineering or a software development role focused on enterprise security; alternatively, a Bachelor’s degree with 5+ years of relevant application security experience.


• In‑depth understanding of mobile and/or web enterprise application programming languages (e.g., Java, Kotlin, Swift, Objective‑C, C#).


• Extensive experience with common software security flaws.


• Excellent analytical and problem‑solving skills.


• Strong technical communication skills and the ability to effectively communicate product architectures and design proposals.


• Interest in software security and secure development.

Nice To Have

• Proficiency in additional programming and scripting languages (e.g., Go, C/C++, Scala, Python, JavaScript).


• Source code auditing experience, especially with Fortify SCA.


• Experience in a large enterprise software development environment (e.g., agile, scrum).


• Data science or AI experience.

One Last Thing

OpenText is more than a corporation; it is a global community where trust is foundational, the bar is raised, and outcomes are owned. Join us to drive positive change through privacy, technology, and collaboration. Our inclusive work environment goes beyond compliance with applicable laws. Our Employment Equity and Diversity Policy ensures an environment inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or any other protected basis. If you need assistance or a reasonable accommodation due to a disability during the application or recruiting process, please contact hr@opentext.com.

Seniority Level

Mid‑Senior level

Employment Type

Full‑time

Job Function

Information Technology

Industries

Software Development

Location

Ottawa/Richmond Hill/Waterloo, ON - Hybrid