Senior Security Engineer safeguarding Overstory’s systems, data, and reputation. Leading security initiatives while partnering with engineering and compliance teams in a remote environment.
Responsibilities
Own and evolve Overstory’s compliance program, ensuring ongoing alignment with SOC 2, ISO 27001, and other relevant frameworks
Drive vulnerability management end-to-end, from detection to remediation, working closely with engineering teams to prioritize and resolve risks efficiently
Design and improve security processes and controls across infrastructure, applications, and internal systems
Lead security input in architecture and engineering decisions, helping teams build secure-by-design systems
Oversee and improve identity and access management, endpoint security, and core IT security practices
Own vendor security and third-party risk management, including assessments, risk evaluation, and mitigation strategies
Lead audit readiness and execution for SOC 2 and ISO 27001, including control design, evidence collection, and auditor coordination
Partner with customer-facing teams to handle security questionnaires and build scalable, high-quality response processes
Contribute to security awareness and culture, mentoring others and raising the security bar across the organization
Requirements
5+ years of experience in security engineering, security operations, or a related field
Direct experience with security and compliance frameworks such as SOC 2 and/or ISO 27001, including audit processes
Deep experience with vulnerability management, including tooling, prioritization, and remediation workflows
Fluency working across cloud environments (AWS, GCP, or Azure) and modern SaaS ecosystems
Experience with identity and access management, endpoint security, and IT/security operations
Demonstrated ability to translate security risks into clear, actionable guidance for technical and non-technical stakeholders
Demonstrable experience (or at a minimum a serious interest in) leveraging AI tooling to accelerate business impact.
Strong written communication skills and are comfortable owning documentation and audit artifacts
Demonstrable proactive, pragmatic mindset as well as capacity for balancing security best practices with business needs
Experience working cross-functionally influencing without authority in a remote-first environment
Benefits
Competitive, location-specific compensation and benefits
Flexible, autonomous and collaborative working environment rooted in trust - we build our work days around our lives, not the other way around
Home office stipend, coworking and ongoing education budgets
A company culture that genuinely embodies each of our core values
To be part of truly mission-driven work that reduces wildfires, protects earth’s natural resources and helps solve our climate crisis
Container Security Consultant needed for 12 - month contract with enterprise bank in Toronto. Must have strong container security experience with OpenShift, Docker, Kubernetes.
Technical Program Manager managing security programs aligned with security strategy at Guidewire. Collaborating with various stakeholders to enhance security maturity and efficiency.
Senior IT Architect specialized in Security & Networking infrastructure technologies leading architecture development for technology projects. Collaborating with multiple teams to ensure alignment with strategic objectives.
Director of IT Security leading the cybersecurity strategy for a remote workforce at Directive Consulting. Responsible for risk management, incident response, and compliance initiatives.
Senior Consultant in Cybersecurity for Wavestone managing client - facing engagements and providing strategic advisory services. Leading teams and business development in cybersecurity engagements with top organizations.
Senior Information Security Advisor needed for a 6 - month contract in Scarborough, ON. Provide security advisory, risk assessments, and cloud controls in banking.
Supervisor reporting to the Manager of Parking and Security at Scarborough Health Network hospitals. Responsible for supervising on - duty Security Guards and ensuring customer - focused services.
Security and Compliance Associate at Habitat Learn, an EdTech company focused on accessibility. Supporting compliance and security operations for multiple frameworks in a remote role based in Ontario.
Senior Manager overseeing the Identity & Access Management team for RBC in Global Security. Leading projects, managing operations, and ensuring client - centric service delivery.