logo

View all jobs

Lead Security Engineer

Remote, Canada

Lead Security Engineer

Our client is disrupting the financial industry. As a Security Engineer, you’ll lead and be responsible for key areas of the security program while collaborating across the teams.  You will continue to learn and stay current in a fun and rapidly changing environment.

Responsibilities: 

  • Work collaboratively with internal stakeholders to build and operate technology risk management controls
  • Analyze AWS security configurations based on KMS Keys, Security Groups, and IAM Policies across multiple AWS Accounts
  • Build security monitoring and management controls using AWS services such as Security Hub, Inspector, and Guard Duty Script in python using Amazon libraries such as boto3 to generate reusable utilities for environment configuration, control monitoring, audits, and assessment
  • Conduct risk and controls assessments to identify risks and any associated weaknesses, as well as make recommendations on how to mitigate those risks
  • Formulate recommendations that can be implemented using automation tools such as Cloudformation and Terraform Test for vulnerabilities and configuration errors using off-the-shelf and custom tools
  • Collaborate with others to enhance event monitoring, security alerting, and incident response workflows
  • Own and build relationships with key external stakeholders such as customers, vendors, and auditors
  • Produce data-based reports on technology risk for senior management
  • Drive continuous improvement in the technology risk management programs
Requirements  
  • Enthusiasm for scalable, reproducible security management 
  • Self-motivated and creative problem-solver able to work independently with minimal guidance
  • Ability to manage multiple competing priorities and use good judgement to establish order or priorities on the fly
  • Ability to influence internal and external customers to expediently resolve issues and achieve organizational objectives
  • Experience architecting and testing security controls in AWS Ability to thrive in an “infrastructure as code” environment
  • The ability to design and operate controls that are easy to test and audit
  • Knowledge of the PCI DSS
  • An understanding of standards such as ISO 27001/27002 and the NIST Cybersecurity Framework desirable
  • Experience/familiarity with application security including standards like OWASP, tools like Burp Suite, and secure coding practices a plus
  • Experience working in financial services or financial technology desired Bachelor's degree in computer science, computer engineering, cybersecurity or related field. 
  • Certifications such as CISSP, CCSK, CISA, CISM, or similar will receive favorable consideration but are not required
  • Five or more years of experience as a security engineer, systems administrator, or systems engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity.
  •  Experience working in an AWS environment required.

More Openings

Senior Software Engineer
Software Engineer

Share This Job

Powered by