Senior Security Engineer designing and maintaining security tools and processes at Hopper. Focused on application security and integrating with developer workflows while leveraging AI.
Responsibilities
Own and evolve our vulnerability management program with a focus on application security — container images, dependencies, code analysis, and real-time detection
Design and maintain security tooling integrated directly into CI/CD pipelines and developer workflows so security happens automatically rather than acting as a blocker
Use AI extensively to code faster, automate analyses that would otherwise require manual review, and build intelligent tools that exceed what a small team could accomplish manually
Assess and improve how we leverage telemetry available in our systems
Work directly with engineering teams to influence secure development practices — not by writing policies and docs, but by delivering tools and default configurations that make the secure path the easiest
Investigate and respond to security reports as needed, but spend the majority of your time building systems that prevent and detect issues rather than chasing them manually
Move quickly and adapt to shifting priorities — our team is agile and tomorrow’s challenges may look very different from today’s
Requirements
Minimum 5 years of experience in software and/or platform engineering, with the ability to design, build, and maintain production-quality tools
Deep experience in application security and vulnerability management — you understand CVEs, dependency risks, container security, and SDLC integration, and you can distinguish what needs to be fixed vs. noise
Hands-on experience with cloud infrastructure, ideally GCP/GKE or equivalent, and the ability to adapt to our environment
Demonstrated habit of using AI tools — coding assistants, LLMs — as a central part of how you build and analyze, not as an occasional shortcut
A bias for automation — when you see a repetitive manual task, your instinct is to write a tool, not a procedures manual
Comfortable with ambiguity and ownership — you will often be the only person working on a problem and must make decisions about priorities, approach, and scope without waiting for direction
Experience influencing engineering culture around security, knowing how to get developers to care about security without slowing their velocity
Excellent written and verbal communication skills, including the ability to clearly explain our security posture to customers when needed.
Benefits
Well-funded, proven startup with big ambitions, competitive salary, and pre-IPO equity participation
Hopper covers 100% of group insurance premiums
Hopper provides life insurance and short- and long-term disability coverage
Health Spending Account (HSA) covering eligible medical and dental expenses
All employees and their dependents have access to Dialogue telemedicine services anytime, from anywhere
All employees have access to an RRSP plan with automatic pre-tax payroll contributions
Ask about our very generous parental leave—well above industry standards
Unlimited vacation
Travel allowance in Carrot Cash
Access to coworking spaces on demand via FlexDesk AND an allowance for remote work
Entrepreneurial culture where pushing boundaries and taking risks is part of the day-to-day
Open communication with management and company leaders
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.