Senior Security Engineer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Security Engineer in Canada.

In this role, you will take ownership of application and infrastructure security across R&D and production environments, helping shape a modern, cloud-first security strategy. You will work in a DevOps-oriented culture where security is embedded directly into engineering practices, ensuring that secure-by-design principles are applied throughout the software lifecycle. Collaborating closely with engineering leadership and the security function, you will drive initiatives spanning threat modeling, incident response, and security architecture improvements. This position combines hands-on technical execution with strategic influence, allowing you to define standards and elevate security maturity across teams. You will operate primarily in AWS-based environments with supporting services in Google Cloud Platform, contributing to a continuously deployed, high-scale product ecosystem. The environment is fast-moving, collaborative, and focused on innovation, ownership, and impact.

Accountabilities:

• Design, implement, and evolve security practices across application and infrastructure environments, including threat modeling, risk mitigation, and incident response
• Lead and execute security initiatives based on internal assessments, penetration testing results, bug bounty findings, and architecture reviews
• Embed security best practices into the software development lifecycle, ensuring secure-by-design principles in all new deployments
• Collaborate with engineering teams to improve application security across web and mobile systems
• Drive security roadmap planning in alignment with company-wide priorities and cross-functional stakeholders
• Promote a strong security-first culture by advocating best practices and enabling shared ownership across engineering teams
• Support cloud security initiatives in AWS and GCP environments, including efforts toward Zero Trust architecture adoption
• Work with automation and infrastructure-as-code tools such as Terraform to improve security scalability and consistency

Requirements:

• 5+ years of experience in application security, cloud security, or related engineering roles
• Strong knowledge of modern security principles, including secure software development practices for web and mobile applications
• Experience working in cloud environments, particularly AWS, with familiarity in GCP as a plus
• Hands-on experience with infrastructure-as-code tools such as Terraform and automation-driven security workflows
• Strong understanding of threat modeling, architecture review processes, and common attack vectors and exploitation techniques
• Ability to work effectively both independently and collaboratively in DevOps-oriented environments
• Excellent communication skills with the ability to explain complex security concepts to technical and non-technical audiences
• Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience

Benefits:

• Flexible remote-first work environment across Canada, with optional hybrid access to Toronto office
• Competitive health benefits starting from day one
• Strong focus on professional learning and continuous development opportunities
• Collaborative, mission-driven culture focused on customer impact and innovation
• Innovative PTO policy supporting work-life balance and personal wellbeing
• Exposure to modern technologies including cloud-native systems and generative AI
• Strong engineering culture with focus on ownership, performance, and growth
• Supportive leadership team and highly engaged, passionate work environment

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time. #LI-CL1