Senior Security Engineer

Posted 2 days ago

💎 Seniority level: Senior, 3–5 years

📍 Location: Canada

🔍 Industry: SaaS

⏳ Experience: 3–5 years

🪄 Skills: Python, Software Development, Java, Ruby on Rails, C#, API testing, Communication Skills, CI/CD, SaaS

Requirements:
  • Strong software development skills (ideally with Ruby on Rails, but experience with Python, Java, or C# is also welcome).
  • Solid understanding of secure development practices, including threat modelling, secure code review, the principles of DevSecOps, and deep understanding of API security principles and best practices.
  • Experience collaborating with product and engineering teams to improve security posture.
  • Experience building or integrating security automation tools into CI/CD pipelines or developer workflows, including familiarity with SCA/SCA/DAST tools.
  • Excellent communication skills and high emotional intelligence—you’re able to navigate complex conversations, build trust across teams, and influence without being prescriptive.
Responsibilities:
  • Help teams build and maintain secure systems by conducting threat modelling, manual and automated testing, and guiding secure design practices throughout the SDLC.
  • Evaluate the security posture of both internal features and third-party solutions through code reviews, architectural assessments, and vendor risk evaluations.
  • Drive continuous improvement by triaging vulnerabilities, building and integrating security automation into CI/CD pipelines, and adapting processes to keep pace with evolving threats.
  • Collaborate closely with developers and Security Champions to scale secure development practices and embed a culture of shared responsibility for security.

Related Jobs

📍 Canada

🧭 Full-Time

🔍 Software Development

🏢 Company: Docker | 👥 251-500 | 💰 $105,000,000 Series C about 3 years ago | Developer Tools, Developer Platform, Information Technology, Software

  • Background in Information Security, Computer Science, Computer Engineering, Forensics, or equivalent work experience.
  • 4-5 years of hands-on experience in detection and response, including triage and incident response in enterprise SaaS environments.
  • Proven experience in building log ingestion and normalization pipelines across diverse systems.
  • Expertise in Detection as Code, particularly using Python and SQL.
  • Subject matter expert in endpoint security and/or cloud security.
  • Strong working knowledge of Mac, Linux, and Windows operating systems.
  • Hands-on experience with major cloud infrastructures, including AWS, Azure, and GCP.
  • Experience with Kubernetes is a nice-to-have.
  • Demonstrated experience working across multiple teams in collaborative security roles.
  • Monitor, detect, and respond to cybersecurity threats, lead incident investigations, conduct root cause analysis, and automate threat detection and hunting.
  • Develop detection and response playbooks and participate in on-call rotations.
  • Design, implement, and maintain log ingestion, parsing, and normalization pipelines across endpoint, network, cloud, and application logs.
  • Ensure log consistency across EDR, SIEM, SOAR, and threat detection tools.
  • Use Terraform, Kubernetes, and scripting to automate log infrastructure in cloud environments and improve security monitoring efficiency.
  • Ensure log storage and retention meet regulatory and security requirements, and support audits to maintain compliance.
  • Work with Product Security, Infrastructure, DevOps, and IT on various initiatives to mature the Detection Engineering program and strengthen Docker’s overall security posture.
  • Partner with stakeholders to improve threat intelligence, detection, and incident response capabilities.

AWS, Python, SQL, Cloud Computing, Cybersecurity, GCP, Kubernetes, Mac OS X, Azure, Linux, DevOps, Terraform, Compliance, Scripting

Posted about 8 hours ago

📍 Canada, United States

🧭 Full-Time

💸 156000.0 - 210000.0 USD per year

🔍 Security

  • Minimum of 6 years combined experience as a software, infrastructure, and/or security engineer.
  • Demonstrated success at designing, implementing, deploying, securing, and monitoring highly-available, critical production systems with broad company impact.
  • Hands-on experience with a variety of technologies and approaches in both the cloud infrastructure and security spaces; e.g. service identity, workload hardening, networking, authentication and authorization, software supply chain, etc.
  • Expertise with AWS Service Control Policies and permission boundaries.
  • Experience with software development (Golang preferred).
  • Design, build, and maintain tooling, software, and systems for securing our cloud infrastructure.
  • Own the delivery and success of infrastructure security projects that span engineering teams.
  • Work with cross-functional partners to define the best security solutions for our infrastructure and reduce unnecessary friction, while maintaining a high degree of software development velocity.
  • Provide technical leadership and mentorship to fellow engineers on the team.

AWS, Software Development, AWS EKS, Cloud Computing, Cybersecurity, Kubernetes, Go, CI/CD, RESTful APIs, Linux, DevOps, Terraform, Networking, Scripting, Software Engineering

Posted about 14 hours ago

📍 Canada

🧭 Full-Time

💸 123600.0 - 193000.0 USD per year

🔍 SaaS

  • Strong software development skills (ideally with Ruby on Rails, but experience with Python, Java, or C# is also welcome).
  • Solid understanding of secure development practices, including threat modelling, secure code review, the principles of DevSecOps, and deep understanding of API security principles and best practices.
  • Experience collaborating with product and engineering teams to improve security posture.
  • Experience building or integrating security automation tools into CI/CD pipelines or developer workflows, including familiarity with SCA/SCA/DAST tools.
  • Help teams build and maintain secure systems by conducting threat modelling, manual and automated testing, and guiding secure design practices throughout the SDLC.
  • Evaluate the security posture of both internal features and third-party solutions through code reviews, architectural assessments, and vendor risk evaluations.
  • Drive continuous improvement by triaging vulnerabilities, building and integrating security automation into CI/CD pipelines, and adapting processes to keep pace with evolving threats.
  • Collaborate closely with developers and Security Champions to scale secure development practices and embed a culture of shared responsibility for security.

Python, Software Development, Cybersecurity, Java, Ruby on Rails, C#, API testing, Communication Skills, CI/CD, Linux, DevOps, Excellent communication skills, JSON, Software Engineering, SaaS

Posted 3 days ago

📍 Canada

🧭 Full-Time

💸 150000.0 - 172000.0 USD per year

🔍 Software Development

🏢 Company: Procurify | 👥 101-250 | 💰 $20,000,000 5 months ago | Cloud Computing, SaaS, Supply Chain Management, Enterprise Software, FinTech, Software, Procurement

  • 4+ years of experience working as a SecOps Engineer
  • Experience mitigating and maintaining compliance controls (e.g., ISO27001, SOC2, PCI DSS)
  • Experience with containerized applications running in AWS
  • A strong understanding of cloud infrastructure networking and security policies
  • Familiarity with infrastructure as code tools such as Terraform
  • A history of effective collaboration with development teams to uphold security best practices (OWASP, etc.)
  • Adept at working with a high degree of autonomy and initiative.
  • Strong problem-solving, technical design, and analytical skills.
  • Able to balance multiple competing priorities while solving challenging problems.
  • Excellent teamwork and communication with other software engineers, your leadership, and others with less technical backgrounds.
  • Act with compassion and empathy for others.
  • Believe that your team’s success is your success.
  • Work with your team and across the Product Engineering teams to design and deploy processes and tools that help our teams raise the security standard at Procurify and deliver a secure product for our customers
  • Follow DevSecOps principles to shift security left
  • Work with engineering teams to ensure that security is a major driver of our engineering designs
  • Complete STRIDE assessments for each significant security engineering feature
  • Develop best-in-class security policies for our application development and cloud infrastructure
  • Maintain a high degree of compliance across the organization
  • Implement and monitor a SIEM tool to detect and remediate security events
  • Detect, triage and respond to security incidents within SLOs
  • Collaborate with product development teams to mitigate and prevent security vulnerabilities
  • Detect, triage, and mitigate vulnerabilities in collaboration with the engineering teams

AWS, Python, Cloud Computing, Cybersecurity, Kubernetes, Analytical Skills, CI/CD, Problem Solving, RESTful APIs, DevOps, Terraform, Microservices, Compliance, Excellent communication skills, Teamwork

Posted 20 days ago

📍 Canada, United States

🧭 Full-Time

💸 143000.0 - 210000.0 USD per year

🔍 Security

  • Minimum of 5+ years of combined experience in security, GRC, risk, or a related space with hands-on technical work building automation solutions as they relate to compliance controls, evidence, GRC platforms, etc.
  • Experience in effectively analyzing data and programs for security risk, compliance, and maturity.
  • Willingness to wear different hats and work on areas where needed.
  • Must excel in communication, and demonstrate the ability to explain technical security concepts to a non-technical audience.
  • Must have a highly collaborative and teamwork-focused approach, as well as a heart for mentoring and leveling up your teammates.
  • Must be able to assess and mitigate corporate risk within the organization.
  • Sophisticated program/project management abilities.
  • Nice to have: experience with Drata and/or Vanta (integrations, automation, onboarding as a GRC platform).
  • Own, design and manage the continued enhancement of various GRC programs including but not limited to strategy, roadmap, and controls to address regulatory requirements across multiple jurisdictions.
  • Communicate our compliance framework and various program requirements to all relevant stakeholders (internal and external).
  • Engage cross-functionally (with groups such as Engineering, Finance, Legal, Product, and Sales) to establish a thoughtful, strategic and tactical approach to multiple GRC programs and related processes.
  • You will assist with analysis and preparation for internal and external audits.
  • Accurately and effectively communicate our compliance position and programs to auditors and customers.
  • Partner with other members of the security team to establish security guidelines that enable the organization to move fast in a safe and secure manner.
  • To operate as a technical leader by helping define the GRC roadmap and by leveling up junior employees.
  • Build strong relationships with partner and stakeholder teams in order to build a scalable GRC program.

Project Management, SQL, Cloud Computing, Cybersecurity, Data Analysis, Communication Skills, Analytical Skills, Collaboration, Mentoring, DevOps, Compliance, Risk Management

Posted 21 days ago

📍 Canada

🧭 Full-Time

🔍 Software Development

🏢 Company: Docker | 👥 251-500 | 💰 $105,000,000 Series C about 3 years ago | Developer Tools, Developer Platform, Information Technology, Software

  • 5+ years of experience in security engineering roles, with a focus on product security and infrastructure security, ideally in a cloud-first environment
  • 3+ years of experience developing in Python or Golang
  • Knowledge of secure coding principles and experience with security testing tools (SAST, DAST) within CI/CD pipelines
  • Understanding of authentication and authorization, including technologies like OAuth, SAML, OIDC, MFA, cryptography applications and Zero Trust principles.
  • Strong cloud expertise with hands-on experience in cloud ecosystems (e.g., AWS, GCP, or Azure)
  • Knowledge of securing containerized environments (Docker, Kubernetes) and implementing runtime security tools
  • Previous experience evolving and enforcing policies to assist co-workers in maintaining corporate and cloud security
  • Familiar with data privacy and compliance regulations (e.g., SOC 2, ISO 27xxx, GDPR, CCPA, FIPS) aligning security initiatives
  • Embed security best practices within the Software Development Lifecycle (SDLC), including secure coding, code review, and application security testing
  • Partner closely with engineering to drive security architecture and processes that implement security controls across our software and systems
  • Design and enforce security configurations in cloud environments (e.g. AWS), including IAM roles, security groups, and VPC segmentation
  • Establish automated monitoring and alerting to detect anomalies or potential breaches across cloud infrastructure
  • Maintain cloud and infrastructure security: AWS Security Hub, AWS IAM, AWS Key Management (KMS), OPA for Terraform
  • Take ownership, define strategy, and drive improvement for parts of our security program such as threat modeling, secrets management, or container security
  • Plan and perform product security assessments including architecture review, threat modeling, code review, pen testing and general security consulting to proactively build security controls
  • Partner with detection and response to create new capabilities or respond to security events
  • Work with leadership to align security initiatives with business goals, ensuring that security is a core component of product and infrastructure
  • Serve as a security subject matter expert for software security and architecture
  • Educate and collaborate with cross-functional teams (e.g., engineering, product) to promote security practices
  • Have the ability to participate in our incident response team on-call rotation

AWS, Docker, Python, Software Development, Cloud Computing, Cybersecurity, Kubernetes, OAuth, Go, CI/CD, RESTful APIs, Linux, DevOps, Terraform, Compliance

Posted 23 days ago