Security Engineer

Canopy•South Jordan, UT

2h•Hybrid

About The Position

Canopy is a fast-growing SaaS company in South Jordan, Utah building simple, efficient software for accounting firms. We are looking to revolutionize the accounting space with modern, user-friendly software for a neglected industry. We aim to help our clients unlock the firm they’ve always wanted with our Practice Management Suite. We place a strong emphasis on delighting our customers, spotting and solving problems, and being good people along the way. And we just secured $70M in Series C funding to help us fulfill that mission. Click here to see why our clients (and investors) love Canopy. Interested in learning more about Canopy & the industry? Check out our blog here where you can find great information on our product features, industry news, practice management, and more! Canopy is looking for a Security Engineer to join our growing security team and help execute on our security roadmap. In this role, you will focus on detection engineering, compliance operations, and customer-facing security activities. You will write and tune detection rules in our SIEM, support SOC 2 audits and Trust Services Criteria expansion, respond to customer security questionnaires, and assist with endpoint security operations. This is a great opportunity for someone who thrives on operational security work and wants to grow within a collaborative, fast-moving SaaS environment. This can be a hybrid position in South Jordan, Utah (M, W, F in-office) or fully remote based from Utah, reporting to the Director of DevOps, Security & IT.

Requirements

3+ years of experience in information security, with hands-on experience in detection engineering, compliance operations, or security operations.
Experience working at a SaaS company.
Practical detection engineering skills, including writing and tuning rules in a production SIEM (Datadog preferred, Splunk, Elastic, or similar).
Hands-on experience with a GRC platform (Drata, Vanta, or equivalent), not just theoretical SOC 2 knowledge.
Experience responding to customer security questionnaires and supporting external audits.
Familiarity with compliance frameworks such as SOC 2, CIS Controls, or NIST CSF.
Strong attention to detail and ability to manage multiple compliance and security workstreams simultaneously.
Clear written and verbal communication skills, particularly for customer-facing compliance work.

Nice To Haves

Experience with endpoint security tools (JAMF Pro, SentinelOne, CrowdStrike Falcon, or Cloudflare Zero Trust).
Familiarity with macOS MDM/fleet management and endpoint hardening.
Exposure to DLP policy authoring, secure web gateway deployment, or CASB configuration.
Relevant certifications (Security+, GSEC, CCSK, or similar).
Experience with AWS security services or cloud security fundamentals.

Responsibilities

Write, tune, and maintain detection rules in Datadog (SIEM) to identify threats, reduce false positives, and improve alert quality across the environment.
Support SOC 2 audit cycles, including evidence collection, control mapping, and auditor coordination within Drata.
Drive progress on Trust Services Criteria (TSC) expansion and CIS Controls v8 implementation, mapping controls and documenting compliance evidence.
Respond to customer security questionnaires and support customer-facing compliance activities.
Assist with endpoint security operations under the direction of a Senior Security Engineer, including JAMF Pro, SentinelOne or CrowdStrike Falcon, and Cloudflare Zero Trust (DLP, SWG, CASB).
Help maintain and improve compliance documentation, security policies, and internal procedures.
Execute on security roadmap items, contributing to projects across detection, compliance, and operational security.

Benefits

Flexible Paid Time Off - you’re actually encouraged to use, plus 10 company holidays!
Health Benefits - including Medical, Dental, and Vision and an HSA Match.
401(k) - we match 100% up to 3% of your contribution. Eligibility is immediate with 100% vesting.
Mental Health - all employees have access to Impact Suite & to our Employee Assistance Program (EAP).
Paid New Parent Leave & Birthing Parent Leave - so you’re able to care for your little ones.
Supplemental Benefits - including 100% company paid Basic Life & AD&D insurance and long & short-term disability coverage.
Nectar - our peer-to-peer recognition program to help our employees recognize the amazing work being done by other Canopians!
Company Events - including monthly company-wide meetings, summer parties, and more.
ERG Committees - to plan initiatives around continuing education, community outreach, recruiting, onboarding, and more.
Fully-stocked kitchen - Keto? Vegan? Flexitarian? Mandalorian? We’ve got you covered.