Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

Security Engineer

Posted 10 days agoViewed

View full description

💎 Seniority level: Senior, 5+ years

📍 Location: Canada

🔍 Industry: Software Development

🏢 Company: Platform.sh👥 251-500💰 $140,000,000 Series D over 2 years agoInternetOpen SourcePaaSCloud ManagementSoftware

🗣️ Languages: English

⏳ Experience: 5+ years

🪄 Skills: AWSPythonSQLCloud ComputingCybersecurityElasticSearchKibanaKubernetesActiveMQApache KafkaCommunication SkillsAnalytical SkillsCollaborationCI/CDProblem SolvingRESTful APIsLinuxDevOpsTerraformComplianceJSONRisk ManagementAnsibleScripting

Requirements:
  • 5+ years of experience in security engineering or a related field, with deep knowledge of cloud security, security architecture, and secure development practices.
  • Hands-on experience with security tools for vulnerability management, threat detection, and incident response. Strong command of Linux systems, including kernel, core utilities, terminal, and shell scripting.
  • Proficiency in programming or scripting languages to automate security operations and improve security workflows.
  • Experience working with audit, compliance, and governance teams to support regulatory requirements.including ISO 27001, PCI-DSS, and SOC 2, ensuring security best practices are followed.
  • A proactive approach to security challenges, with the ability to assess risks, identify vulnerabilities, and propose effective solutions.
  • Strong communication skills to articulate security concepts to both technical and non-technical audiences, working effectively across teams.
  • Ability to challenge the status quo, think outside the box, and introduce innovative security solutions.
Responsibilities:
  • Design and implement scalable security solutions to protect our cloud-based infrastructure and services.
  • Lead security architecture reviews, conduct threat modeling, and implement security controls to reduce risk.
  • Identify, assess, and resolve vulnerabilities in our open-source stack, including LXC/Linux, from discovery to remediation.
  • Enhance detection and response capabilities, automate security monitoring, and actively contribute to our defense strategy by understanding and challenge Common Vulnerabilities and Exposures (CVE) of our infrastructure stack
  • Contribute to our active defense strategy by integrating tools to automate and enhance detection and remediation.
  • Work with engineering, product, and compliance teams to embed security into development workflows and ensure secure software delivery.
  • Participate in the on-call rotation, providing expert security support for internal teams and customer-related incidents.
Apply

Related Jobs

Apply
🔥 Senior Software Security Engineer - (Remote - Canada)
Posted 3 days ago

📍 Canada

🔍 Software Development

🏢 Company: Jobgether👥 11-50💰 $1,493,585 Seed about 2 years agoInternet

  • 5+ years of experience in Product Security, with a strong focus on security architecture and application security testing.
  • Hands-on experience with Python or Go programming languages.
  • In-depth knowledge of OIDC specifications, OAuth 2.0, JWT, and related security protocols.
  • Familiarity with application security principles, vulnerabilities, and offensive security techniques like red teaming.
  • Strong understanding of secure engineering practices, session management, and multi-factor authentication.
  • Ability to work in an ambiguous environment and make informed security decisions with limited data.
  • Conduct security architecture reviews and threat modeling to ensure the security of the platform.
  • Develop core security features such as OIDC/OAuth flows and session management to ensure secure AI agent interactions.
  • Implement secure coding practices for handling sensitive data, including JWT validation and encryption.
  • Advise on authentication mechanisms, token management, and authorization checks to maintain data integrity.
  • Design and execute simulated attacks to evaluate the resilience of systems and applications.
  • Collaborate with cross-functional teams to communicate security best practices and influence decision-making.

PythonOAuthGo

Posted 3 days ago
Apply
Apply
🔥 Staff Application Security Engineer
Posted 4 days ago

📍 United States, Canada

🧭 Full-Time

💸 154160.0 - 247690.0 USD per year

🔍 Software Development

  • 7+ years of experience in application security, including 2+ years of software development focused on security.
  • Expertise in secure software design, secure coding, and web application security, with a strong commitment to risk reduction and sustainable security practices.
  • Experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities.
  • Experience with software supply chain security and led bug bounty programs and security tooling initiatives.
  • Successfully implemented and improved secure development lifecycle (SDLC) processes, including planning, communication, and automation.
  • Led and delivered multi-quarter, complex security projects, application security roadmaps, and medium to large security programs in collaboration with engineering teams.
  • Experience mentoring other application security engineers and fostering security best practices across organizations.
  • Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
  • Bring security best practices to the software development lifecycle.
  • Work as part of a team to champion security standards while balancing business strategies and requirements.
  • Support Webflow’s security current and future compliance frameworks
  • Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
  • Contribute code and architecture improvements to enable security within Webflow’s application for engineers.
  • Cross-train entry and mid-level application security engineers

AWSSoftware DevelopmentCybersecurityCI/CDRESTful APIsMentoringCompliance

Posted 4 days ago
Apply
Apply
🔥 Staff Application Security Engineer
Posted 4 days ago

📍 United States, Canada

🧭 Full-Time

💸 154160.0 - 281060.0 CAD per year

🔍 Software Development

🏢 Company: Webflow👥 501-1000💰 $120,000,000 Series C almost 3 years ago🫂 Last layoff 8 months agoCMSWeb HostingWeb Design

  • 7+ years of experience in application security, including 2+ years of software development focused on security.
  • Expertise in secure software design, secure coding, and web application security, with a strong commitment to risk reduction and sustainable security practices.
  • Experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities.
  • Have worked on software supply chain security and led bug bounty programs and security tooling initiatives.
  • Have successfully implemented and improved secure development lifecycle (SDLC) processes, including planning, communication, and automation.
  • Have led and delivered multi-quarter, complex security projects, application security roadmaps, and medium to large security programs in collaboration with engineering teams.
  • Have experience mentoring other application security engineers and fostering security best practices across organizations.
  • Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
  • Bring security best practices to the software development lifecycle.
  • Work as part of a team to champion security standards while balancing business strategies and requirements.
  • Support Webflow’s security current and future compliance frameworks
  • Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
  • Contribute code and architecture improvements to enable security within Webflow’s application for engineers.
  • Cross-train entry and mid-level application security engineers

AWSDockerPythonSoftware DevelopmentCybersecurityGitKubernetesCI/CDRESTful APIsMentoringDevOpsComplianceJSON

Posted 4 days ago
Apply
Apply
🔥 Senior Cloud Security Engineer
Posted 15 days ago

📍 United States, Canada

🧭 Full-Time

💸 120000.0 - 150000.0 CAD per year

🔍 Blockchain Infrastructure

🏢 Company: Figment👥 11-50HospitalityTravel AccommodationsArt

  • 3+ years of experience in Cloud Security, DevOps, or Platform Engineering.
  • Strong experience with AWS and/or GCP security principles.
  • Hands-on experience managing Kubernetes clusters.
  • Up-to-date knowledge of cloud security advisories.
  • Experience in scripting for automation.
  • Design, implement, and manage security controls for cloud infrastructure in AWS and GCP.
  • Develop and enforce security policies, IAM roles, and least privilege access across cloud environments.
  • Implement and maintain cloud security monitoring, logging, and alerting.
  • Secure Kubernetes workloads and conduct regular cloud security assessments.
  • Deploy and maintain cloud infrastructure using code.

AWSCybersecurityGCPKubernetesCI/CDTerraformScripting

Posted 15 days ago
Apply
Apply
🔥 Senior Security Engineer
Posted 16 days ago

📍 United States, Canada

🧭 Full-Time

💸 124000.0 - 155000.0 USD per year

🔍 Software Development

🏢 Company: Recharge👥 11-50Electronics

  • 5+ years of experience in network and/or security roles, with a focus on edge security tools
  • 2+ years experience with k8s, Helm, IaC, Terraform, Docker, Linux, Kubernetes, etc
  • 2+ years experience with Monitoring, Metrics and Logging (Splunk) solutions
  • 2+ years experience in cloud-native environments such as GCP, AWS, or Azure
  • In-depth knowledge of network protocols, firewall configurations, and intrusion detection/prevention systems
  • Cloud infrastructure security knowledge including hardening standards, CSPM tools, VPN/remote access management and authentication technologies such as SAML, OAuth
  • Robust understanding of WAF technologies such as Akamai, Cloudflare, Google Cloud Armor, Imperva, etc
  • Experience configuring SIEM tools such as Splunk, LogRhythm, FileVault, etc
  • Extensive knowledge of Vulnerability Management practices
  • Understanding of virus and malware defense systems such as Crowdstrike, Sentinel One, Trend Micro, etc
  • Understanding of backup systems and disaster recovery planning
  • Experience with security assessment tools and techniques
  • Design, implement, and maintain secure cloud / network architectures, ensuring the confidentiality, integrity, and availability of data.
  • Review IAM and access controls to ensure adherence to the principles of least privilege.
  • Create and maintain network and security documentation.
  • Collaborate with cross-functional teams to integrate security measures into network designs and implementations.
  • Manage Endpoint / EDR / XDR / Anti-malware tools and policies
  • Monitor network traffic for unusual activity and respond to security incidents in a timely manner.
  • Audit and review user and merchant network activity to ensure system and data safety
  • Conduct regular vulnerability assessments on network infrastructure to identify and remediate potential security risks.
  • Maintain and continuously improve incident response plans, participate in tabletop exercises, and lead incident response efforts when necessary.
  • Mentor other engineers on security configurations and best practices
  • Investigate, analyze and evangelize good security posture throughout the organization
  • Automate security tools and processes where possible

AWSDockerCloud ComputingGCPKubernetesAzureLinuxTerraformCompliance

Posted 16 days ago
Apply
Apply
🔥 Senior Staff Security Engineer (Architect), Remote
Posted 17 days ago

📍 United States, Canada

🧭 Full-Time

🔍 Health-Tech

  • 6+ years of experience in Cloud Native environments
  • 3+ years in a dedicated application security role
  • Proficient in coding languages such as Python, R, C++, and JavaScript
  • Design and deploy advanced security controls
  • Conduct code reviews and vulnerability assessments
  • Integrate security tools into infrastructure

AWSPythonGCPMachine LearningAzureTerraform

Posted 17 days ago
Apply
Apply
🔥 Senior Staff Application Security Engineer
Posted 25 days ago

📍 United States, Canada, United Kingdom

🧭 Full-Time

💸 150000.0 - 210000.0 CAD per year

🔍 Application Security

🏢 Company: Ping Identity👥 1001-5000💰 $35,000,000 Series F over 10 years ago🫂 Last layoff over 1 year agoGovernmentSecurityIdentity ManagementSoftware

  • 4+ years of proficiency in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security
  • 4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience
  • Exceptional problem-solving skills, curiosity about the inner workings of systems and showing attention to details and documentation
  • Excellent written and oral communication skills
  • Own multiple Security Engineering assignments working with Ping Identity products, processes and tooling
  • Provide technical leadership and mentor other Product Security Engineers
  • Assist in proposing, developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams
  • Work with the product teams to perform architectural, security design/code reviews, vulnerability assessment and management
  • Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, building custom tools and automation, and exploit development.
  • Innovate in all aspects of automation of SSDLC tasks including use of Generative AI
  • Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
  • Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product

AWSSoftware DevelopmentCybersecurityJavaJavascriptLDAPOAuthCI/CDRESTful APIsLinuxDevOps

Posted 25 days ago
Apply
Apply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 1 month ago

📍 United States, Canada

🧭 Full-Time

🔍 Data Security

  • Data Security Architect
  • Expertise in data and automation.
  • Design, implement, and maintain security services that support our business.
  • Understand data and automation are important ingredients to our mission and know how to actively employ these ingredients at scale.
  • Partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.

AWSCloud ComputingCybersecurityData engineeringMicroservicesComplianceData management

Posted about 1 month ago
Apply
Apply
🔥 Staff Security Engineer - Data Protection (Data Security Architect), Remote
Posted about 1 month ago

📍 United States, Canada

🧭 Full-Time

🔍 Health-Tech

  • BS/BTech in Computer Science, IT, Cybersecurity, or related field
  • 8+ years securing Cloud Native applications
  • 5+ years in a dedicated data security role
  • Familiarity with DLP and DSPM tools
  • Knowledge of health-tech systems preferred
  • Lead development and maintenance of security strategies
  • Design and deploy security controls
  • Mentor new engineers
  • Shape security services strategy

Cloud ComputingCybersecurity

Posted about 1 month ago
Apply
Apply
🔥 Senior Security Engineer II - IAM (Fully Remote)
Posted about 2 months ago

📍 United States, Canada

🧭 Full-Time

🔍 Security

  • In-depth knowledge of IAM principles, standards, and best practices
  • Experience in managing authentication, authorization, and provisioning
  • Ability to partner cross-functionally to drive impactful outcomes and further strengthening our digital landscape
  • Enhance the security posture of our enterprise, cloud-native environments, and applications
  • Design, implement, and maintain robust IAM solutions, managing authentication, authorization, and provisioning across diverse platforms
  • Collaborate closely with various teams to ensure alignment between IAM solutions and organizational security requirements, enabling secure and seamless access across the enterprise

AWSCloud ComputingCybersecurityLDAPOAuth

Posted about 2 months ago
Apply