Co-op/Intern Application Security Analyst, Product Security

Location

This is a hybrid position. You must be in the Ottawa, Canada office, at least three days a week.

About the team

The Product Security team is responsible for the Security Development Lifecycle at Kinaxis. Identifying and remediating security related flaws across Kinaxis’ software applications, “red teaming” new features, threat modeling, security assessments and enhancing our overall security posture are core to our team responsibilities.

This is a full-time, 8-month position, starting September 2025. 

To be eligible for a Co-op or Intern position at Kinaxis, you must either be currently enrolled in full-time education or, if you are a recent/upcoming graduate, your graduation date must be within 12 months of the placement end date.

As an intern in Product Security, you will partner closely with stakeholders across the business, including Corporate IT, Cloud Services, Product Development and technology partners to contribute to the implementation of security solutions and controls.

This role is ideal for someone passionate about both software development and cybersecurity – someone who enjoys digging into code, understanding how systems work, identifying their flaws and offering recommendations on remediation.

You will have exposure to the full software development lifecycle and develop skills in areas such as threat modeling, static / dynamic analysis, vulnerability management, offensive security and more.

What you will do

• Identify security risks at the application level, at each stage of development, and proactively work to ensure that risks are assessed and mitigated across the business
• Integrate static and/or dynamic code analysis tools into the SDLC
• Arrange or conduct vulnerability and penetration tests against defined systems
• Monitor application security trends and evolving technologies and keep senior management informed about related application security issues and implications for Kinaxis
• Assist in performing risk assessments, threat modeling and other product security related reviews
• Review and triage of SAST and SCA reports, working with developers to prioritize and remediate findings

What we are looking for

• Completion of the 2nd year of a Computer Sciences / Computer Engineering program, Cybersecurity or related field
• Basic knowledge of technical skills relevant to Application Security such as secure coding, application security testing, ethical hacking techniques, vulnerability and threat management
• Hands-on experience with vulnerability management and penetration testing tools (e.g. NMAP, Burp Suite, OWASP ZAP, Nexpose, SonarQube, Metasploit, etc.)
• Familiarity with one or more programming languages such as JavaScript, PowerShell, Python, Java, C#, etc.
• Familiarity with the OWASP Top 10
• Highly adaptable and able to pivot based on prioritization and needs of the business; proactively solicits feedback to ensure alignment
• Excellent communication and collaboration skills

Things that would definitely help

• Experience with Docker and / or Kubernetes, Jenkins
• Participation in CTFs, security clubs or open-source contributions
• Understanding of CI / CD pipelines and DevSecOps practices

We’re accepting applications now through end of day on Friday, May 30, 2025. Please note that we may begin reviewing applications before the posting closes, so early submission is encouraged. 

#Coop, #Internship, #Intern, #LI-EN1

Work With Impact: Our platform directly helps companies power the world’s supply chains. We see the results of what we do out in the world every day—when we see store shelves stocked, when medications are available for our loved ones, and so much more. 

Work with Fortune 500 Brands: Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Ford, Unilever, Yamaha, P&G, Lockheed-Martin, and more. 

Social Responsibility at Kinaxis: Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and we’re committed to net-zero operations strategy for the long term. We are involved in our communities and support causes where we can make the most impact.

People matter at Kinaxis and these are some of the perks and benefits we created for our team:

• Flexible vacation and Kinaxis Days (company-wide day off on the last Friday of every month)
• Flexible work options
• Physical and mental well-being programs
• Regularly scheduled virtual fitness classes
• Mentorship programs and training and career development
• Recognition programs and referral rewards
• Hackathons

For more information, visit the Kinaxis web site at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com.

Kinaxis welcomes candidates to apply to our inclusive community. We provide accommodations upon request to ensure fairness and accessibility throughout our recruitment process for all candidates, including those with specific needs or disabilities. If you require an accommodation, please reach out to us at recruitmentprograms@kinaxis.com. Please note that this contact information is strictly for accessibility requests and cannot be used to inquire about application statuses.

Kinaxis is committed to ensuring a fair and transparent recruitment process. We use artificial intelligence (AI) tools in the initial step of the recruitment process to compare submitted resumes against the job description, to identify candidates whose education, experience and skills most closely match the requirements of the role. After the initial screening, all subsequent decisions regarding your application, including final selection, are made by our human recruitment team. AI does not make any final hiring decisions.