Senior Security Engineer managing application security for Hopper's travel platform. Engaging in developing automated security tools and practices to integrate directly into CI/CD workflows.
Responsibilities
Own and evolve our vulnerability management program with a focus on application security — container images, dependencies, code scanning, and runtime detection
Build and maintain security tooling that integrates directly into CI/CD pipelines and developer workflows, so security happens automatically rather than as a gate
Use AI extensively to write code faster, automate analyses that would otherwise require manual review, and build intelligent tooling that scales beyond what a small team could achieve manually
Assess and improve how we leverage available telemetry across our systems
Work directly with engineering teams to influence secure development practices — not by writing standards and documents, but by shipping tools and defaults that make the secure path the easy path
Investigate and respond to security findings when needed, but spend more of your time building systems that prevent and detect issues than manually chasing them
Adapt quickly as priorities shift — our team is agile and tomorrow's challenge may look different from todays
Requirements
At least 5 years experience software and/or platform engineering, with the ability to design, build, and maintain production-quality tools
Deep experience in application security and vulnerability management — you understand CVEs, dependency risks, container security, and SDLC integration, and you have opinions about what's worth fixing and what's noise
Hands-on experience with cloud infrastructure, ideally GCP/GKE or equivalent, with the ability to adapt to our stack
A demonstrated habit of using AI tools — coding assistants, LLMs — as a core part of how you build and analyse, not an occasional shortcut
A bias toward automation — when you see a repetitive manual task, your instinct is to write a tool, not a runbook
Comfort with ambiguity and ownership — you'll often be the only person on a problem and will need to make judgment calls on priority, approach, and scope without waiting for direction
Experience influencing engineering culture around security, knowing how to make developers care without slowing them down
Strong written and verbal communication skills, including the ability to articulate our security posture clearly to customers when needed
Benefits
Well-funded and proven startup with large ambitions, competitive salary and upsides of pre-IPO equity packages.
Hopper covers 100% of the premiums for group insurance plan.
Hopper offers life, short term and long term disability coverage.
HSA that covers eligible medical and dental expenses.
All employees and dependents have access to Dialogue’s telemedicine services, anytime, anywhere.
All employees have access to an RRSP plan with automatic pre-tax withdrawals per pay.
Please ask us about our very generous parental leave, much above industry standards!.
Unlimited PTO.
Carrot Cash travel stipend.
Access to co-working space on demand through FlexDesk AND Work-from-home stipend.
Entrepreneurial culture where pushing limits and taking risks is everyday business.
Open communication with management and company leadership.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.