Cloud Security Engineer
New
Remote-first flexibility to work where you work best, with Ottawa, Toronto, Calgary, or Vancouver preferred for this role.Full-TimeMiddle
Salary100,000 - 110,000 CAD per year
Apply NowOpens the employer's application page
Job Details
- Experience
- 4+ years of security engineering experience, including 2+ years focused on cloud security in AWS and/or Google Cloud.
- Required Skills
- AWSPythonGCPGoCI/CDTerraformHIPAA
Requirements
- 4+ years of security engineering experience, including 2+ years focused on cloud security in AWS and/or Google Cloud.
- Strong understanding of cloud-native attack paths, IAM risks, network controls, data protection, key management, secrets management, and workload identity.
- Hands-on experience with infrastructure-as-code, ideally Terraform, and a strong understanding of how to secure it at scale.
- Ability to write code in Python, Go, or a similar language to automate detection, remediation, and security workflows.
- Experience integrating security tooling into CI/CD pipelines and developer workflows.
- Working knowledge of at least one compliance framework such as SOC 2, HIPAA, HITRUST, PCI-DSS, or ISO 27001.
- Strong communication and collaboration skills.
Responsibilities
- Design and implement cloud security controls across AWS and Google Cloud, including multi-account architecture, network segmentation, data protection, and secure-by-default infrastructure patterns.
- Build reusable Terraform modules, reference architectures, policy-as-code guardrails, and self-service tooling that make secure implementation easier for engineering teams.
- Operate and tune CSPM/CNAPP tooling to identify misconfigurations, exposures, toxic combinations, and coverage gaps across Fullscript’s cloud environments.
- Drive remediation of cloud vulnerabilities and misconfigurations, balancing risk, engineering effort, customer impact, and business priorities.
- Strengthen IAM, secrets management, key rotation, cloud credentials, machine identities, and just-in-time access patterns across cloud and SaaS environments.
- Embed security into CI/CD pipelines through IaC scanning, container image scanning, SBOM generation, artifact protection, and software supply chain controls.
- Partner with the SOC and engineering teams on cloud-native detections, logging, runbooks, incident response, post-incident learning, and secure AI/ML workload patterns.
View Full Description & ApplyYou'll be redirected to the employer's site
