Senior Cloud Cybersecurity Engineer responsible for cloud security engineering at Tanium. Collaborate to protect cloud infrastructure against threats in Azure, AWS, and Kubernetes.
About the role
- Senior Security Engineer at Float enhancing security for fintech features. Leading initiatives to implement security controls and work closely with cross-functional teams for compliance.
Responsibilities
- Owning and improving AWS and GitHub security guardrails, including IAM, OIDC, network segmentation, and CI/CD hardening.
- Leading automation for vulnerability management and cloud posture using our security tools and infrastructure-as-code.
- Partnering with developers to embed secure SDLC practices, including dependency scanning, secret management, and threat modeling for high-risk features.
- Helping mature endpoint and identity security while ensuring full coverage and strong baselines.
- Tuning and expanding detection and response capabilities, developing playbooks, alert pipelines, and response automation.
- Contributing to evidence automation for PCI DSS 4.0 and SOC 2, ensuring “compliance by default.”
- Championing security metrics that matter: coverage, time-to-remediate, and control effectiveness.
Requirements
- Strong background in security, authentication, infrastructure, and cloud technologies, including vulnerability management and threat detection/remediation.
- Familiarity with integrating security practices into CI/CD pipelines, ideally using tools such as Buildkite.
- Understanding of Infrastructure as Code (IaC) security, particularly with Terraform.
- Knowledge of compliance frameworks such as SOC 2 and ISO 27001.
- Experience with risk assessment and management in cloud environments, as well as network monitoring and intrusion detection/prevention.
- Hands-on experience with vulnerability scanning tools and methods for identifying, prioritizing, and remediating vulnerabilities.
- Strong grasp of common security vulnerabilities (e.g., OWASP Top Ten) and security testing techniques.
- Experience with Auth0 and Okta for user management, SSO, and MFA.
- Familiarity with implementing and managing IAM policies, RBAC, and user lifecycle best practices.
- Experience securing PostgreSQL databases (access control, encryption, auditing).
- Proficiency in Python for scripting, automation, and API integrations, including developing and maintaining security automation tools.
Benefits
- Competitive compensation, equity options, and benefits
- Hybrid work model – we are based in Toronto with in-office days for connection and collaboration
- Enjoy catered team lunches every Tuesday, Wednesday and Thursday
- Bring your pup to our dog-friendly office
- Thrive in a high-trust, high-performance culture where your work truly matters
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
Senior Analyst performing SOC 1 and SOC 2 examinations at Kraken. Leading compliance initiatives and enhancing IT controls in a remote environment.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.
Security Lead responsible for driving security function and strategy at Newton, a crypto trading platform. Ensuring CIRO and SOC 2 alignment while embedding security practices across all systems and applications.
Senior Cybersecurity Engineer at Vervent focused on security solution design and incident response. Join a growing team to implement and strengthen enterprise security operations.
IA
Conseiller juridique stratégique au sein des Services juridiques pour la protection des renseignements personnels au Canada. Fournissant des conseils stratégiques en matière de cybersécurité et réglementaire.
Manager, Information Security at Manulife will assess vendor IT risks and security controls. Conducting audits, guiding businesses in IT risk management under a hybrid working model.
Key role in operational security management of IT infrastructures at Xideral. Involves risk management, security architecture, and coordination with various stakeholders.
Industrial Security Lead managing facility security functions at L3Harris Technologies to support compliance with security policies. Engaging with internal and external security officials and overseeing security operations.