Senior Security Engineer

About The Position

Requirements

• Bachelor’s Degree in Computer Science or related field AND 5 years plus of dedicated IT Security experience OR 7+ years of equivalent IT experience with a strong focus on security.
• Proven expertise in evaluating information systems for threats and vulnerabilities and designing mitigation strategies.
• Demonstrated expertise in the management, optimization, and automation of security tools (e.g., SIEM, EDR, IDS/IPS, anti-virus, patch management, vulnerability management, application security static/dynamic analysis, etc.).
• Knowledge of security best practices, frameworks
• Deep understanding of application security concepts, secure coding practices, and DevSecOps principles.
• Relevant security certifications (e.g., CISSP, OSCP, CISM, GIAC certifications) are highly preferred; multiple certifications are a strong plus.
• Active participation and contribution to the open source and/or local IT/InfoSec community (e.g., presenting at conferences, contributing to tools) is a plus.

Nice To Haves

• Relevant security certifications (e.g., CISSP, OSCP, CISM, GIAC).
• Experience contributing to open-source security tools or participating in the InfoSec community.
• Experience delivering technical briefings, brown-bag sessions, or advanced internal training.

Responsibilities

• Advanced Detection Engineering: Designing and tuning high-fidelity detection logic and complex alerting telemetry to identify sophisticated adversary techniques (TTPs) that bypass standard security controls.
• Infrastructure Hardening & Segmentation: Engineering and implementing least privilege, code-based security controls for high-risk network zones; Debugging and optimizing intricate security policy enforcement conflicts within multi-cloud environments..
• Engineered Preventative Controls: Building and deploying custom security wrappers, hardened "Golden Images," and automated policy-as-code to programmatically prevent common attack vectors across the enterprise.
• Complex Firewall & WAF Optimization: Managing intricate firewall configurations, including deep packet inspection (DPI) tuning and custom WAF rule-writing for specialized web applications.
• Technical Benchmarking & PoC Execution: Leading the rigorous technical evaluation and stress-testing of new security technologies; performing deep-dive "bake-offs" to ensure tools meet high-performance requirements.
• Tier III Escalation & "Impossible" Debugging: Acting as the final technical authority for critical security outages or bypasses; debugging kernel-level security issues or complex system interactions that Tier II cannot resolve.
• Security Stack Performance Tuning: Optimizing the throughput, reliability, and resource consumption of security agents and platforms to ensure zero impact on production system performance.
• Advanced Security Automation (SOAR/API): Writing complex scripts and building custom API integrations to bridge gaps between security tools, enabling sophisticated, automated response workflows (SOAR).
• Autonomous Technical Delivery: Proven ability to drive multiple high-stakes technical projects from concept to execution with total autonomy and surgical precision.
• Technical Information Synthesis: Expertise in distilling highly granular technical data (e.g., packet captures, stack traces, raw logs) into actionable insights for both technical peers and non-technical leadership.
• Advanced Domain Mastery: In-depth technical proficiency and "hands-on-keyboard" experience in at least three of the following: Advanced Incident Response: Complex triage and remediation of multi-stage attacks. Network/System Hardening: Developing "gold standard" configurations for heterogeneous environments. Cloud Security Engineering: Deep technical knowledge of CSP primitives (AWS IAM, Azure NSGs, GCP Service Accounts) and automated deployment. Advanced SOC Analysis: Expert-level log correlation and hunting within massive datasets (SIEM/XDR). Threat Intelligence Integration: Demonstrated ability to ingest raw threat intelligence and convert it into custom defensive signatures or proactive system modifications.
• Scientific Problem Solving: Exceptional analytical skills with the ability to apply the scientific method to troubleshoot "ghost in the machine" security issues and validate the efficacy of new controls.
• Technical Initiative: Ability to work independently to identify security gaps and engineer solutions without waiting for a directive.
• High-Stakes Communication: Excellent interpersonal skills with the ability to maintain composure and provide clear technical direction during high-pressure security events.
• Technical Force Multiplication: Strong ability to elevate the team’s technical ceiling through advanced peer reviews, "deep-dive" technical documentation, and hands-on mentoring of mid-level engineers.
• Specialized Knowledge Sharing: Experience developing and delivering high-level technical briefings and "brown-bag" sessions for engineering and DevOps teams on advanced security topics.

Benefits

• Competitive pay
• Medical, dental, and vision benefits with employer HSA contributions (US) and FSA options (US)
• Immediately vested 401K (US) or RRSP (Canada) with company match
• Paid Vacation, Personal, and Sick Time
• Paid maternity and paternity leave (US)
• Employer-paid short-term disability, long-term disability, life insurance, and AD&D (US)
• Robust Employee Assistance Program
• Employer paid Leap into Service Day to volunteer
• Tuition Reimbursement for eligible programs
• Opportunities to expand your skill set and share your knowledge across a publicly traded, global organization
• Company culture of internal promotions, diverse career paths, and meaningful advancement