Senior Security Engineer, Corporate AI Security
Homebase (YC W21)
PythonRuby
Principal Security Engineer
Sylogist, Ltd.
full-time
Posted on:
Location: 🇨🇦 Canada
Visit company websiteJob Level
Lead
Tech Stack
AzureCloudCyber SecurityFirewallsTerraform
About the role
- Report to the Chief Information & Technology Officer (CITO) and lead security strategy for Sylogist
- Develop, implement, and oversee security protocols, compliance programs, and risk management strategies
- Plan delivery of solutions, respond to technical RFPs, and enhance security team competencies
- Define security protocols by evaluating business strategies and requirements
- Develop, review, and approve installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices
- Execute corporate identity and access control by implementing Azure AD solutions, MFA, and Privileged Access Management (PAM)
- Respond to and investigate security incidents and provide post-event analysis
- Manage secure phishing programs and compliance training
- Develop and maintain a corporate security roadmap including system upgrades
- Conduct vulnerability scans, penetration tests, and incident response drills
- Develop and implement security test scripts and verify security systems
- Partner with DevOps and architecture teams on security best practices
- Document and review corporate policies to ensure compliance with NIST and other standards
- Review and ensure product compliance with privacy requirements (GDPR, CCPA, PIPEDA, global privacy laws)
- Implement data classification, encryption (at rest/in transit), and DLP solutions
- Develop, implement, and document disaster recovery and business continuity plans
- Conduct Privacy Impact Assessments (PIAs) for new systems and data flows
- Conduct quarterly security workshops and maintain training records for compliance audits (SOC 2, ISO 27001)
- Manage third-party and cloud vendor risk assessments (including Microsoft Azure environments) and monitor SaaS vendor compliance
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field
- 5+ years of experience in information security
- Cloud infrastructure management experience
- Certifications such as CISSP, CISM, Azure Solutions Architect Expert, Azure Security Architect Expert, or CCSP (preferred)
- Proficiency in Azure IaaS/PaaS, IaC (Terraform/Bicep), and SIEM tools
- Deep knowledge of GDPR, SOC 2, NIST CSF, and PCI DSS
- Experience managing global compliance programs
- Strategic planning, vendor negotiation, and crisis management skills
- Strong working knowledge of IT risks, cybersecurity, and operating systems
- Excellent communication and interpersonal skills
- Microsoft Azure security certification and additional advanced security/cloud certifications (nice-to-have)
- Experience with privacy compliance programs across multiple jurisdictions (nice-to-have)
- Must provide proper employment documentation showing immediate eligibility to work in the country in which the role is based (no sponsorship)
