Lead Security Engineer

Team: IT

Location: US

Commitment: Full-time

Workplace Type: remote

Accountabilities:

• Own and manage the organization’s security risk register, threat models, and remediation efforts across applications, infrastructure, and services.

• Design secure architectures focusing on authentication, authorization, data protection, and network boundaries for SaaS, mobile, and IoT products.

• Implement and maintain security tools, DevSecOps guardrails, and CI/CD pipelines to detect vulnerabilities and misconfigurations early.

• Lead compliance initiatives, including SOC 2 and other relevant frameworks, and respond to customer security inquiries.

• Define and maintain security policies, standards, KPIs, and dashboards; provide visibility and guidance to teams and executives.

• Conduct internal security assessments and coordinate external penetration tests.

• Mentor engineering teams in secure design practices and foster a security-aware culture across the organization.

• Develop and maintain incident response plans, serve as escalation point for incidents, and lead investigations and remediation.

Requirements:

• 5+ years of experience in security engineering with both hands-on and strategic responsibilities.

• Strong expertise securing cloud-native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management.

• Experience with infrastructure-as-code (Terraform) and policy-as-code frameworks (OPA, Sentinel, or similar).

• Hands-on experience integrating security into CI/CD pipelines and development workflows.

• Knowledge of container and orchestration security, threat modeling, and risk assessment.

• Familiarity with compliance frameworks (SOC 2 preferred) and audit processes.

• Strong communication skills to collaborate with both technical and non-technical stakeholders.

• Self-directed, able to operate autonomously, and comfortable leading cross-functional initiatives.

Preferred / Nice-to-Have Skills:

• CISSP or cloud security certifications.

• Experience securing AI/ML or LLM-powered features.

• Mobile application security experience (Android preferred).

• Knowledge of GRC and compliance platforms.

• Experience with international compliance frameworks and regulated industries.

• Familiarity with IoT, embedded systems, or fleet device security and MDM solutions.

Benefits:

• Competitive salary and equity compensation.

• Medical, dental, and vision insurance.

• Retirement plan with employer match (401(k)/RRSP).

• Flexible Spending Accounts (FSA) and wellness stipends.

• Home office setup reimbursement and monthly internet/cell stipend.

• Flexible PTO, 16 paid holidays, and 8 fully paid weeks for childbirth/adoption leave.

• Flexible, remote-friendly work environment.

• Annual company offsites to build team relationships.

• Opportunity to make high-impact contributions to security, compliance, and business growth.