Activate JobCopilot
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Lead Security Engineer in Canada.
This role sits at the heart of a modern, engineering-driven security organization focused on building resilient, scalable, and secure systems in a fully remote, North America–based environment. You will act as a technical and operational leader across cloud security, application security, detection & response, and privacy domains. The position combines hands-on engineering with strategic security leadership, ensuring security is embedded across all layers of infrastructure and product development. You will work closely with infrastructure, IT, and engineering teams to define and enforce security standards in cloud-native environments. Beyond technical execution, you will help shape security culture, governance, and compliance maturity across the organization. This is a high-impact role where your work directly strengthens trust, compliance, and resilience at scale.
Accountabilities:
- Lead the design, implementation, and continuous improvement of security standards, policies, and monitoring systems, ensuring alignment with secure-by-design and zero-trust principles
- Develop and maintain policy-as-code frameworks to enable automated detection, enforcement, and rapid incident response across cloud environments
- Partner with infrastructure and engineering teams to ensure secure cloud deployments, Kubernetes security, and adherence to internal security controls
- Own and manage SOC 2 and related compliance programs end-to-end, including audits, evidence collection, remediation tracking, and auditor coordination
- Lead incident response activities including on-call support, tabletop exercises, post-incident reviews, and security drills to strengthen organizational readiness
- Manage vulnerability disclosure processes, triage external reports, and ensure timely remediation of security issues
- Oversee security risk management, vendor assessments, customer security questionnaires, and regular reporting of security metrics to leadership
Requirements:
- Strong hands-on experience in cloud security and infrastructure security, ideally within GCP environments and Kubernetes-based architectures
- Proficiency in at least one programming language such as Go, Python, or TypeScript, with the ability to build and maintain internal security tooling
- Demonstrated experience leading SOC 2 or equivalent compliance programs, including audits, evidence collection, and remediation processes
- Proven background in incident response operations, including on-call participation, root cause analysis, and tabletop exercises
- Experience handling security questionnaires, vendor risk assessments, and external security communications with customers and partners
- Strong understanding of modern security practices such as defense in depth, secure-by-design, and zero trust architectures
- Excellent written and verbal communication skills, with the ability to engage effectively across engineering, leadership, auditors, and external stakeholders
- Strong ownership mindset, with the ability to operate autonomously in a fast-paced, distributed engineering environment
Benefits:
- Fully remote-first work environment across North America
- Competitive salary aligned with experience and market benchmarks
- Comprehensive health, dental, and vision insurance coverage
- Flexible vacation policy and work hours supporting work-life balance
- Generous parental leave for all employees
- High-quality equipment and home office support to enable productive remote work
- Collaborative, high-performance engineering culture with strong peer support and autonomy
Your email job alert is now active!
