Senior Security Engineer

Posted last month

Apply Now

Resume Score

Check how well your resume matches this job before you apply.

Sign in to check score

About the role

  • Senior Security Engineer safeguarding Overstory’s systems, data, and reputation. Leading security initiatives while partnering with engineering and compliance teams in a remote environment.

Responsibilities

  • Own and evolve Overstory’s compliance program, ensuring ongoing alignment with SOC 2, ISO 27001, and other relevant frameworks
  • Drive vulnerability management end-to-end, from detection to remediation, working closely with engineering teams to prioritize and resolve risks efficiently
  • Design and improve security processes and controls across infrastructure, applications, and internal systems
  • Lead security input in architecture and engineering decisions, helping teams build secure-by-design systems
  • Oversee and improve identity and access management, endpoint security, and core IT security practices
  • Own vendor security and third-party risk management, including assessments, risk evaluation, and mitigation strategies
  • Lead audit readiness and execution for SOC 2 and ISO 27001, including control design, evidence collection, and auditor coordination
  • Partner with customer-facing teams to handle security questionnaires and build scalable, high-quality response processes
  • Contribute to security awareness and culture, mentoring others and raising the security bar across the organization

Requirements

  • 5+ years of experience in security engineering, security operations, or a related field
  • Direct experience with security and compliance frameworks such as SOC 2 and/or ISO 27001, including audit processes
  • Deep experience with vulnerability management, including tooling, prioritization, and remediation workflows
  • Fluency working across cloud environments (AWS, GCP, or Azure) and modern SaaS ecosystems
  • Experience with identity and access management, endpoint security, and IT/security operations
  • Demonstrated ability to translate security risks into clear, actionable guidance for technical and non-technical stakeholders
  • Demonstrable experience (or at a minimum a serious interest in) leveraging AI tooling to accelerate business impact.
  • Strong written communication skills and are comfortable owning documentation and audit artifacts
  • Demonstrable proactive, pragmatic mindset as well as capacity for balancing security best practices with business needs
  • Experience working cross-functionally influencing without authority in a remote-first environment

Benefits

  • Competitive, location-specific compensation and benefits
  • Flexible, autonomous and collaborative working environment rooted in trust - we build our work days around our lives, not the other way around
  • Home office stipend, coworking and ongoing education budgets
  • A company culture that genuinely embodies each of our core values
  • To be part of truly mission-driven work that reduces wildfires, protects earth’s natural resources and helps solve our climate crisis

Job type

Full Time

Experience level

Senior

Salary

Not specified

Degree requirement

Bachelor's Degree

Tech skills

AWSAzureCloudGoogle Cloud Platform

Location requirements

RemoteCanada

Report this job

Found something wrong with the page? Please let us know by submitting a report below.