Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

Senior Security Engineer

Posted 2 days agoViewed

View full description

💎 Seniority level: Senior, 3–5 years

📍 Location: Canada

💸 Salary: 123600.0 - 193000.0 USD per year

🔍 Industry: SaaS

⏳ Experience: 3–5 years

🪄 Skills: PythonSoftware DevelopmentCybersecurityJavaRuby on RailsC#API testingCommunication SkillsCI/CDLinuxDevOpsExcellent communication skillsJSONSoftware EngineeringSaaS

Requirements:
  • Strong software development skills (ideally with Ruby on Rails, but experience with Python, Java, or C# is also welcome).
  • Solid understanding of secure development practices, including threat modelling, secure code review, the principles of DevSecOps, and deep understanding of API security principles and best practices.
  • Experience collaborating with product and engineering teams to improve security posture.
  • Experience building or integrating security automation tools into CI/CD pipelines or developer workflows, including familiarity with SCA/SCA/DAST tools.
Responsibilities:
  • Help teams build and maintain secure systems by conducting threat modelling, manual and automated testing, and guiding secure design practices throughout the SDLC.
  • Evaluate the security posture of both internal features and third-party solutions through code reviews, architectural assessments, and vendor risk evaluations.
  • Drive continuous improvement by triaging vulnerabilities, building and integrating security automation into CI/CD pipelines, and adapting processes to keep pace with evolving threats.
  • Collaborate closely with developers and Security Champions to scale secure development practices and embed a culture of shared responsibility for security.
Apply

Related Jobs

Apply
🔥 Senior Security Engineer
Posted 1 day ago

📍 Canada

🔍 SaaS

  • Strong software development skills (ideally with Ruby on Rails, but experience with Python, Java, or C# is also welcome).
  • Solid understanding of secure development practices, including threat modelling, secure code review, the principles of DevSecOps, and deep understanding of API security principles and best practices.
  • Experience collaborating with product and engineering teams to improve security posture.
  • Experience building or integrating security automation tools into CI/CD pipelines or developer workflows, including familiarity with SCA/SCA/DAST tools.
  • Excellent communication skills and high emotional intelligence—you’re able to navigate complex conversations, build trust across teams, and influence without being prescriptive.
  • Help teams build and maintain secure systems by conducting threat modelling, manual and automated testing, and guiding secure design practices throughout the SDLC.
  • Evaluate the security posture of both internal features and third-party solutions through code reviews, architectural assessments, and vendor risk evaluations.
  • Drive continuous improvement by triaging vulnerabilities, building and integrating security automation into CI/CD pipelines, and adapting processes to keep pace with evolving threats.
  • Collaborate closely with developers and Security Champions to scale secure development practices and embed a culture of shared responsibility for security.

PythonSoftware DevelopmentJavaRuby on RailsC#API testingCommunication SkillsCI/CDSaaS

Posted 1 day ago
Apply
Apply
🔥 Senior Security Engineer
Posted 20 days ago

📍 Canada

🧭 Full-Time

💸 150000.0 - 172000.0 USD per year

🔍 Software Development

🏢 Company: Procurify👥 101-250💰 $20,000,000 5 months agoCloud ComputingSaaSSupply Chain ManagementEnterprise SoftwareFinTechSoftwareProcurement

  • 4+ years of experience working as a SecOps Engineer
  • Experience mitigating and maintaining compliance controls (e.g. , ISO27001, SOC2, PCI DSS)
  • Experience with containerized applications running in AWS
  • A strong understanding of cloud infrastructure networking and security policies
  • Familiarity with infrastructure as code tools such as Terraform
  • A history of effective collaboration with development teams to uphold security best practices (OWASP, etc.)
  • Adept at working with a high degree of autonomy and initiative.
  • Strong problem-solving, technical design, and analytical skills.
  • Able to balance multiple competing priorities while solving challenging problems.
  • Excellent teamwork and communication with other software engineers, your leadership, and others with less technical backgrounds.
  • Act with compassion and empathy for others.
  • Believe that your team’s success is your success.
  • Work with your team and across the Product Engineering teams to design and deploy processes and tools that help our teams raise the security standard at Procurify and deliver a secure product for our customers
  • Follow DevSecOps principles to shift security left
  • Work with engineering teams to ensure that security is a major driver of our engineering designs
  • Complete STRIDE assessments for each significant security engineering feature
  • Develop best-in-class security policies for our application development and cloud infrastructure
  • Maintain a high degree of compliance across the organization
  • Implement and monitor a SIEM tool to detect and remediate security events
  • Detect, triage and respond to security incidents within SLOs
  • Collaborate with product development teams to mitigate and prevent security vulnerabilities
  • Detect, triage, and mitigate vulnerabilities in collaboration with the engineering teams

AWSPythonCloud ComputingCybersecurityKubernetesAnalytical SkillsCI/CDProblem SolvingRESTful APIsDevOpsTerraformMicroservicesComplianceExcellent communication skillsTeamwork

Posted 20 days ago
Apply
Apply
🔥 Senior Security Engineer (Governance, Risk, and Compliance)
Posted 20 days ago

📍 Canada, United States

🧭 Full-Time

💸 143000.0 - 210000.0 USD per year

🔍 Security

  • Minimum of 5+ years of combined experience in security, GRC, risk, or a related space with hands-on technical work building automation solutions as they relate to compliance controls, evidence, GRC platforms, etc.
  • Experience in effectively analyzing data and programs for security risk, compliance, and maturity.
  • Willingness to wear different hats and work on areas where needed.
  • Must excel in communication, and demonstrate the ability to explain technical security concepts to a non-technical audience.
  • Must have a highly collaborative and teamwork-focused approach, as well as a heart for mentoring and leveling up your teammates.
  • Must be able to assess and mitigate corporate risk within the organization.
  • Sophisticated program/project management abilities.
  • Nice to have: experience with Drata and/or Vanta (integrations, automation, onboarding as a GRC platform).
  • Own, design and manage the continued enhancement of various GRC programs including but not limited to strategy, roadmap, and controls to address regulatory requirements across multiple jurisdictions.
  • Communicate our compliance framework and various program requirements to all relevant stakeholders (internal and external).
  • Engage cross-functionally (with groups such as Engineering, Finance, Legal, Product, and Sales) to establish a thoughtful, strategic and tactical approach to multiple GRC programs and related processes.
  • You will assist with analysis and preparation for internal and external audits.
  • Accurately and effectively communicate our compliance position and programs to auditors and customers.
  • Partner with other members of the security team to establish security guidelines that enable the organization to move fast in a safe and secure manner.
  • To operate as a technical leader by helping define the GRC roadmap and by leveling up junior employees.
  • Build strong relationships with partner and stakeholder teams in order to build a scalable GRC program.

Project ManagementSQLCloud ComputingCybersecurityData AnalysisCommunication SkillsAnalytical SkillsCollaborationMentoringDevOpsComplianceRisk Management

Posted 20 days ago
Apply
Apply
🔥 Senior Security Engineer
Posted 23 days ago

📍 Canada

🧭 Full-Time

🔍 Software Development

🏢 Company: Docker👥 251-500💰 $105,000,000 Series C about 3 years agoDeveloper ToolsDeveloper PlatformInformation TechnologySoftware

  • 5+ years of experience security engineering roles, with a focus on product security, infrastructure security, ideally in a cloud-first environment
  • 3+ years of experience developing in Python or Golang
  • Knowledge of secure coding principles and experience with security testing tools (SAST, DAST) within CI/CD pipelines
  • Understand, authentication, authorization, including technologies like OAuth, SAML, OIDC, MFA, cryptography applications and Zero Trust principals.
  • Strong cloud expertise with hands-on experience in cloud ecosystems (e.g: AWS, GCP, or Azure)
  • Knowledge on securing containerized environments: (Docker, Kubernetes) and implementing runtime security tools
  • Previous experience evolving and enforcing policies to assist co-workers in maintaining corporate and cloud security
  • Familiar with data privacy and compliance regulations (e.g, SOC 2, ISO 27xxx, GDPR, CCPA, FIPS) aligning security initiatives
  • Embed security best practices within the Software Development Lifecycle (SDLC), including secure coding, code review, and application security testing
  • Partner closely with engineering to drive security architecture and processes that implement security controls across our software and systems
  • Design and enforce security configurations in cloud environments (e.g. AWS), including IAM roles, security groups, and VPC segmentation
  • Establish automated monitoring and alerting to detect anomalies or potential breaches across cloud infrastructure
  • Maintain cloud and infrastructure security: AWS Security Hub, AWS IAM, AWS Key Management (KMS), OPA for Terraform
  • Take ownership, define strategy, and drive improvement for part so our security program such as threat modeling, secrets management, or container security
  • Plan and perform product security assessments including architecture review, threat modeling, code review, pen testing and general security consulting to proactively build security controls
  • Partner with detection and response to create new capabilities or respond to security events
  • Work with leadership to align security initiatives with business goals, ensuring that security is a core component of product and infrastructure
  • Serve as a security subject matter expert for software security and architecture
  • Educate and collaborate with cross-functional teams (e.g., engineering, product) to promote security practices
  • Have the ability to participate in our incident response team on-call rotation

AWSDockerPythonSoftware DevelopmentCloud ComputingCybersecurityKubernetesOAuthGoCI/CDRESTful APIsLinuxDevOpsTerraformCompliance

Posted 23 days ago
Apply
Apply
🔥 Senior Security Engineer
Posted about 2 months ago

📍 Canada

🧭 Full-Time

🔍 Financial services / Cryptocurrency

🏢 Company: Shakepay👥 51-100💰 $35,197,607 Series A about 3 years agoCryptocurrencyBitcoinPaymentsFinTech

  • 5+ years of broad Security experience, including Enterprise & Operational Security, Incident Response, Offensive Security, GRC, and Product Security.
  • 5+ years experience in a cloud environment, preferably AWS.
  • Proficiency in a high-level programming language for automation and alert capabilities.
  • Exceptional communication skills for managing expectations and scope.
  • Experience in a highly regulated environment, preferably a startup.
  • Work closely with teams to design security solutions balancing security needs with customer experience and product growth.
  • Serve as a subject matter expert and mentor in security domains.
  • Manage internal and external relationships regarding security processes.
  • Lead threat modeling for production and development systems.
  • Own and improve the Zero Trust environment.
  • Build and automate alert responses in code.
  • Participate in an on-call rotation during incidents.
  • Engage in governance, compliance, and regulatory audits.

AWSCybersecurityGitCompliance

Posted about 2 months ago
Apply
Apply
🔥 Senior Security Engineer II - Application Security, Remote
Posted 2 months ago

📍 United States, Canada

Understand data and automation.
  • Design, implement, and maintain security services that support our business.
  • Partner cross-functionally across various teams, driving impactful outcomes and further securing our digital landscape.

AWSDockerCybersecurityData AnalysisREST API

Posted 2 months ago
Apply
Apply
🔥 Senior Security Engineer II - IAM (Fully Remote)
Posted 2 months ago

📍 United States, Canada

🧭 Full-Time

🔍 Security

In-depth knowledge of IAM principles, standards, and best practices
  • Design, implement, and maintain robust IAM solutions
  • Manage authentication, authorization, and provisioning across diverse platforms
  • Collaborate with teams to align IAM solutions and security requirements

AWSCloud ComputingCybersecurityLDAPOAuth

Posted 2 months ago
Apply