Senior Information Security Governance Advisor at TEHORA defining security strategies and conducting risk analyses. Participating in audits and controls while supporting organizational and technological changes.
About the role
- Senior Security Engineer at Float enhancing security for fintech features. Leading initiatives to implement security controls and work closely with cross-functional teams for compliance.
Responsibilities
- Owning and improving AWS and GitHub security guardrails, including IAM, OIDC, network segmentation, and CI/CD hardening.
- Leading automation for vulnerability management and cloud posture using our security tools and infrastructure-as-code.
- Partnering with developers to embed secure SDLC practices, including dependency scanning, secret management, and threat modeling for high-risk features.
- Helping mature endpoint and identity security while ensuring full coverage and strong baselines.
- Tuning and expanding detection and response capabilities, developing playbooks, alert pipelines, and response automation.
- Contributing to evidence automation for PCI DSS 4.0 and SOC 2, ensuring “compliance by default.”
- Championing security metrics that matter: coverage, time-to-remediate, and control effectiveness.
Requirements
- Strong background in security, authentication, infrastructure, and cloud technologies, including vulnerability management and threat detection/remediation.
- Familiarity with integrating security practices into CI/CD pipelines, ideally using tools such as Buildkite.
- Understanding of Infrastructure as Code (IaC) security, particularly with Terraform.
- Knowledge of compliance frameworks such as SOC 2 and ISO 27001.
- Experience with risk assessment and management in cloud environments, as well as network monitoring and intrusion detection/prevention.
- Hands-on experience with vulnerability scanning tools and methods for identifying, prioritizing, and remediating vulnerabilities.
- Strong grasp of common security vulnerabilities (e.g., OWASP Top Ten) and security testing techniques.
- Experience with Auth0 and Okta for user management, SSO, and MFA.
- Familiarity with implementing and managing IAM policies, RBAC, and user lifecycle best practices.
- Experience securing PostgreSQL databases (access control, encryption, auditing).
- Proficiency in Python for scripting, automation, and API integrations, including developing and maintaining security automation tools.
Benefits
- Competitive compensation, equity options, and benefits
- Hybrid work model – we are based in Toronto with in-office days for connection and collaboration
- Enjoy catered team lunches every Tuesday, Wednesday and Thursday
- Bring your pup to our dog-friendly office
- Thrive in a high-trust, high-performance culture where your work truly matters
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Security Advisor at Intact managing cybersecurity across cloud and endpoint environments. Working to protect critical assets like cloud infrastructure and identity landscape.
Bilingual Security Agent ensuring the safety of people and property for OPENLANE. Responsibilities include surveillance, access control, and customer service at the facility.
Staff Product Security Engineer ensuring security throughout the product development lifecycle at Affirm. Collaborating closely with product and engineering teams to improve security in financial products.
Agent de projets de sécurité pour l'Administration de la Chambre des communes. Mener des évaluations de sécurité et gérer plusieurs projets partout au Canada.
Information Security Advisor ensuring risk assessment and compliance for Sun Life business groups. Conducting risk assessments and advising on information security best practices.
Senior Hardware Security Engineer at Lime focusing on hardware security architecture and assessments. Collaborate with teams on product security across embedded systems and firmware.
Product Security Engineer improving security of Lattice’s applications and services through engineering partnerships and security operations. Contributing to secure coding practices and AI/LLM security assessments.
Asset Protection Security Guard monitoring logging equipment and maintaining security at remote logging sites. Reliable individuals needed for overnight shifts in Duncan, BC.
Compliance Manager overseeing compliance processes and frameworks for Data Security Services at Entrust. Ensuring DSS products meet or exceed industry standards and mitigate compliance risks.