Staff Security Engineer at Homebase defining application security strategy and embedding security in product development. Collaborate with teams to address security challenges in a growing suite of tools.
Responsibilities
Define and execute Homebase’s multi-quarter Application Security roadmap, aligning security initiatives with business objectives and company OKRs.
Architect secure-by-default patterns, frameworks, and paved roads that developers adopt naturally, removing entire classes of vulnerabilities before they reach production.
Evaluate emerging security technologies and make build-versus-buy decisions that shape the security platform.
Drive security and product trade-off decisions at the architectural level, balancing protection with velocity.
Influence company-wide engineering practices and security investments through data-driven recommendations.
Lead threat modeling and security architecture reviews for AI-powered features, model training pipelines, and LLM integrations.
Design and implement security controls specific to AI/ML systems, including prompt injection defenses, model input validation, output filtering, and data pipeline integrity.
Create AI-powered vulnerability detection and security automation that multiplies the team’s effectiveness.
Partner with AI engineering teams to establish secure development patterns for model deployment and inference infrastructure.
Stay ahead of the evolving AI threat landscape and translate emerging risks into practical engineering guidance.
Build and maintain security tooling and automation that integrates seamlessly into CI/CD pipelines, enabling continuous security validation at scale.
Own the vulnerability management program: design modern systems for detection, prioritization, tracking, and remediation of security debt across the product portfolio.
Own the bug bounty and responsible disclosure program, turning external researcher findings into systemic improvements.
Embed security into the full software development lifecycle through scalable guardrails, automated testing frameworks, and developer-facing documentation.
Partner with senior leaders across Engineering, Product, and Infrastructure to improve Homebase’s overall security posture.
Pioneer a security partnership program, mentoring engineers across the organization and driving a culture of shared security ownership.
Provide expert guidance during security incidents and lead post-incident analysis to drive systemic improvements.
Curate and author security guidance, patterns, and training content that raises the security bar organization-wide.
Influence security decisions at the department and company level; shape how Homebase invests in security capabilities.
Requirements
10+ years of progressive experience in Application Security or Security Engineering, with demonstrated impact at the Staff or Principal level.
Deep software engineering experience in production environments: you write code, build tools, and think like an engineer first.
A proven track record of leading architectural changes and complex cross-team initiatives that reduced security risk at scale.
Hands-on experience securing AI-native applications, including LLM integrations, model pipelines, or ML infrastructure.
Strong expertise in web application security, cloud-native security (AWS), and modern DevSecOps practices.
Proficiency in languages and frameworks relevant to our stack: Ruby, Python, React, and Rails.
Experience designing and implementing modern vulnerability management systems and embedding security tooling within CI/CD pipelines.
Exceptional ability to evaluate security trade-offs, make pragmatic risk-informed decisions, and communicate them clearly to technical and non-technical stakeholders.
Demonstrated curiosity about emerging AI capabilities, with a track record of leveraging new tools to enhance security operations and productivity.
Benefits
💰 Ownership & Savings: Stock options + TFSA/RRSP with 4% company match
🏥 Health & Wellness: Comprehensive medical, dental, and vision for you and your dependents
⏰ Time Flexibility: Flex time off + company holidays + designated focus periods
👶 Family Support: Maternity/Parental Leave EI top-up support offered (after 6 months of service)
🌟 Work Your Way: Work From Anywhere Month + meeting-free weeks yearly
🛡️ Protection Plans: Life insurance + short/long-term disability coverage
🍽️ Workspace Perks: Meals provided, team offsites, and Customer Days
Senior IT Security Engineer at NEAR Foundation leading information security program and compliance initiatives. Partnering with IT teams for secure architectural design and risk management.
Bilingual Security Director for International SOS driving revenue growth of health security subscription services in Canada. Supporting consulting, training, and managed services with trusted client relationships.
Program Manager driving complex engineering projects within the Product Security organization at CrowdStrike. Collaborating cross-functionally to ensure timely delivery of security solutions across product portfolios.
Security Engineer focused on matching technology opportunities with customer business objectives at Tenable. Delivering technical presentations and driving successful customer engagements in cybersecurity solutions.
Business Development & Capture Lead for Global Spatial Technology Solutions driving revenue growth in defence sector. Engaging senior stakeholders and leading proposal development across global markets from a remote location.
IT & Security Specialist managing IT operations, security, and infrastructure for Senstar, a leader in security technology. Hands-on role blending end-user support, cybersecurity, and infrastructure management.
HR Systems Security Specialist responsible for design, configuration, and administration of security within Workday and SAP. Collaborating with HR and stakeholders to ensure effective access design and compliance.
Cybersecurity advisor working within the DCYB to develop IT security measures. Collaborating with teams to fortify cybersecurity posture and ensuring data protection for citizens.
Consultant in remuneration and occupational health and safety at the Quebec Federation of Municipalities. Ensuring employee needs match organizational requirements and promoting a safe work environment.
Cybersecurity Administrator providing operational support for compliance activities in information security. Assisting vendor risk management, audit coordination, and vulnerability tracking.