Own platform security and reliability improvements across our GCP environment.
Harden identity and network controls in GCP (IAM patterns, service accounts and workload identity, organization policies, and network segmentation controls).
Build security into CI/CD by implementing and enforcing scanning and policy controls (SAST, SCA, secret detection, and container/image scanning).
Drive vulnerability management and supply chain risk reduction across services, dependencies, container images, and build pipelines.
Lead threat modeling and security design reviews for new features and material architecture changes.
Improve security observability and detection quality by tuning telemetry, reducing noise, and building high-signal detections and dashboards.
Lead investigations and coordinate incident response for security alerts and incidents, and drive follow-ups from post-mortems into preventative improvements.
Champion secure SDLC practices through standards, documentation, guardrails, and coaching for product engineering teams.
Define and maintain end-user device security standards, including requirements for security agents such as EDR and remote access tooling, and partner with stakeholders for operational execution.
Support compliance and audit readiness by conducting internal security reviews and helping align practices with frameworks and regulations (SOC 2, GDPR, NIST), including evidence support where needed.

Requirements

5+ years of relevant experience spanning cloud infrastructure and security (DevSecOps, platform security, security engineering, SRE with strong security focus).
Deep hands-on experience with GCP (preferred) or AWS, including strong fundamentals in cloud networking and identity.
Strong hands-on experience with Kubernetes and service networking.
Strong Infrastructure-as-Code skills (for example Terraform) and the ability to build reusable, maintainable automation.
Practical experience integrating security into CI/CD and engineering workflows, including scanners and policy enforcement.
Experience with incident response: investigation, coordination, post-incident follow-through, and continuous improvement.
Experience with vulnerability management and software supply chain risk.
Comfortable partnering cross-functionally and driving work end-to-end in ambiguous areas.

Benefits

Competitive salaries with RRSP/401k matching and comprehensive medical, dental, and health insurance.
A flexible time-off policy and the choice to work remote, hybrid, or from our Toronto HQ.
Stipends for your home office setup and continuous professional learning.
The opportunity to do high-impact work at a mission-driven organization.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

GCPAWSKubernetesInfrastructure-as-CodeTerraformCI/CDSASTSCAvulnerability managementsecurity engineering

Soft Skills

leadershipcommunicationcross-functional collaborationincident responseproblem-solvingcoachinginvestigationcoordinationcontinuous improvementambiguity management

Certifications

SOC 2GDPRNIST