Senior Security Engineer

About The Position

Requirements

• Degree in information technology, computer science, cybersecurity, or a related field.
• 5+ years of experience in security analysis, incident response, or a related field.
• AWS Security Certification or equivalent experience.
• Relevant industry certifications, such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), or Offensive Security Certified Professional (OSCP).
• In-depth knowledge of security principles, concepts, and best practices.
• Strong understanding of network protocols, operating systems, and common vulnerabilities.
• Proven experience applying Infrastructure as Code (IaC) principles and utilizing scripting/automation, along with modern AI assistants, to streamline daily security workflows and incident response.
• Firm understanding of containerization and orchestration platforms (Kubernetes, Helm, Docker) along with robust image and dependency management practices.
• Knowledge of security frameworks and standards, such as NIST, ISO 27001, and CIS Controls.
• Familiarity with regulatory requirements, such as PCI DSS and GDPR.
• Understanding of the threat landscape surrounding AI technologies, specifically evaluating and securing cloud and agent-based models.
• Strong analytical and problem-solving skills, paired with excellent communication and collaboration abilities.
• Specific Technology Stack Experience (Note: Experience with equivalent or similar tools is completely acceptable): Logging & SIEM: Splunk. Cloud & Endpoint: CrowdStrike (Host and CSPM), AWS Security, Cloud Firewalls (AWS/Fortinet). Automation & IaC: Terraform, CloudFormation, Ansible, or similar automation frameworks and scripting languages (e.g., Python, Bash). Containers & Orchestration: Kubernetes, Helm, Docker, and dependency/image management tools. Pipeline Security: CI/CD pipeline security (DAST/SAST/SCA), such as Sonarcloud, Snyk, GitHub, Quay, and Artifactory. Network & Edge: Cloudflare/CloudFront (DDoS, WAF, CDN), ZScaler (ZTA). Vuln Management: TenableIO (Vulnerability and Configuration Management). SaaS & Email: Proofpoint (DNS/Mail), Google Workspace, Atlassian, Slack. Device Management: Mac-based MDM systems like IRU or Kandji.

Responsibilities

• Embed Automation & AI Enhancement in Daily Workflows: Continually leverage generative AI, scripting, and Infrastructure as Code (IaC) across all tasks—from incident triage to playbook creation—to reduce manual toil, accelerate decision-making, and scale security operations.
• Lead and oversee day-to-day security operations, utilizing AI-assisted analysis to ensure rapid and proper coordination of response with all parties of interest.
• Ensure all incident tickets are assigned accordingly and resolved while establishing and complying with operations SLAs.
• Improve alert signal-to-noise ratios and integrate external threat intel with security monitoring tools.
• Regularly update and continuously improve threat detection use cases, utilizing AI tools to assist in rapid rule generation and threat modeling.
• Ensure the efficient and effective function of all security tools across the organization.
• Continuously fine-tune our SIEM to reduce false positives, leveraging advanced ML/AI capabilities where available to ensure pertinent data sources are onboarded and adequately parsed.
• Identify, assess, and mitigate emerging AI risks, with a specific focus on vulnerabilities related to cloud-based AI services and agent-based AI architectures.
• Manage and secure cloud environments, utilizing cloud firewalls and endpoint/CSPM platforms.
• Deploy and maintain Zero Trust Architecture (ZTA).
• Administer edge protections, including DDoS mitigation, WAF, and CDN configurations.
• Oversee enterprise-wide vulnerability and configuration management.
• Secure user SaaS-based tools, including platforms like Google Workspace, Atlassian, and Slack.
• Manage Mac-based laptop and mobile device management (MDM) platforms.
• Maintain comprehensive DNS and mail security/monitoring.
• Integrate and manage security within the CI/CD pipeline, including DAST, SAST, and SCA.
• Secure the software development lifecycle by integrating and managing scanning and repository tools.
• Manage and secure containerized environments, ensuring safe image builds, dependency management, and secure deployments.
• Manage the development of security documents, such as incident playbooks and security operations procedures.
• Develop and exercise playbooks for different types of attacks, keeping all security operations documents up to date.
• Lead and mentor junior personnel within the security team.

Benefits

• Semi-annual bonus plan
• Best-in-Class Equipment: The most modern MacBook and Apple equipment.
• Prime Location: Our downtown Vancouver office offers coastal views and access to the building fitness center.
• Flexibility: Generous benefits, including a family leave top-up program and our Work-From-Anywhere policy.
• Fully stocked cupboards
• Weekly catered team lunches
• Daily JJ Bean coffee runs
• Extended health and dental benefits
• Paid time off
• Savings and retirement plan matching
• Parenthood top-up
• Mentorship programs
• Leadership series