Sia logo

Sia

Remote, British Columbia, Ontario

Lead Security Engineer

full-timeRemote$140,000 - $200,000
security
aws
cloud
risk
engineer
devsecops
compliance

About the Role

We're looking for a Lead Security Engineer to join our Platform team and mature Swiftly's security posture. We believe excellent security isn't just about tools and controls; it's about empowering product, infrastructure, and corporate IT teams across our organization to make secure decisions every day.In this role, you'll partner closely with engineering, product, and go-to-market teams to design secure solutions, build DevSecOps tooling, and drive our compliance roadmap. You'll balance strategic initiatives with hands-on work in our cloud-native environment.We're looking for someone equally comfortable working on codebases and leading cross-functional initiatives, a force multiplier who can train teams, represent security to customers and executives, and make security a natural part of how Swiftly ships products.

What You'll Do

Make Swiftly Secure

  • Own Swiftly's security risk register and threat models; identify, prioritize, and drive remediation of risks across application and infrastructure.
  • Design secure architectures for our SaaS platform, mobile applications, and IOT/Hardware Integration, focusing on authentication, authorization, data protection, and network boundaries
  • Recommend, implement, and manage security tools end-to-end
  • Build DevSecOps guardrails into CI/CD so vulnerabilities, misconfigurations, and license issues surface early
  • Conduct internal security assessments and coordinate engagements with external penetration testers.
  • Own security policies and standards; ensure they're practical, adopted, and measurable
  • Define standards for secure adoption of AI coding assistants, building reusable patterns, custom configurations, and guardrails that help developers move fast safely

Compliance & Customer Trust

  • Lead renewals and continuous readiness for existing certifications like SOC 2
  • Proactively identify security frameworks required for international expansion; scope cost, level of effort, and timelines to inform market entry decisions; and lead execution of new certifications
  • Respond to customer security and compliance inquiries and support product marketing with security content

Incident Response & Detection

  • Design and maintain security incident response plans, playbooks, and escalation paths
  • Serve as an escalation point for security incidents; lead triage, root cause analysis, and remediation

Security Leadership

  • Define and maintain security KPIs and dashboards for executive and board reporting
  • Give teams visibility into their security posture and coach them to improve
  • Influence roadmap prioritization to ensure security and compliance are first-class concerns
  • Mentor engineers in secure design and help grow a security-aware culture across Swiftly by delivering security training and office hours for developers and other stakeholders
  • Drive corporate IT security strategy, including endpoint hardening, email security, IAM standards, and periodic access reviews

What will set you up for success

  • 5+ years of experience in security engineering with both strategic and hands-on work
  • Strong experience securing cloud-native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management
  • Hands-on experience with infrastructure-as-code (Terraform) and policy-as-code frameworks (OPA, Sentinel, or similar)
  • Background building security into CI/CD pipelines and development workflows
  • Familiarity with container and orchestration security
  • Excellent threat modeling and risk assessment skills; able to translate complex risks into clear options and tradeoffs
  • Experience with compliance frameworks (SOC 2 preferred) and audit processes
  • Strong communication skills; comfortable working across technical and non-technical teams
  • Self-directed and comfortable operating with autonomy

Nice to Haves

  • Relevant certifications (CISSP, cloud security certifications)
  • Experience advising on security for AI/ML or LLM-powered features
  • Mobile application security experience (Android preferred)
  • Experience with GRC and compliance platforms
  • Background in application security or penetration testing
  • Experience with international compliance frameworks
  • Familiarity with regulated industries or public sector requirements
  • Experience with physical device security (IoT, embedded systems, or field-deployed hardware)
  • Experience with Mobile Device Management (MDM) solutions for enterprise or fleet deployments

Pay Range

In accordance with pay transparency laws, please see the approximate salary ranges below. These ranges represents the anticipated low and high end of the salary for this position. Actual salaries will vary and are based on a multitude of non-discriminatory factors including final role leveling decisions, a candidate’s relevant work experiences/skills, and geographic location. Salary is one component of Swiftly’s total compensation package, which also includes stock options, competitive benefits, 401(k)/ RRSP matching, a fantastic team and culture, opportunity to have a huge impact, emphasis on professional growth and holistic wellness, and other perks.

US Salary Range: $140,000 - 200,000

Canadian Salary Range: $165,000 - 200,000

Benefits:

  • Competitive salary
  • Equity compensation (company ownership) for every employee
  • Medical, Dental and Vision
  • Retirement with Employer Match
  • Flexible Spending Account (FSA)
  • Home office setup reimbursement
  • Monthly cell/internet reimbursement
  • Monthly "Be Well" stipend
  • Flexible PTO with a recommended minimum
  • Flexible work environment
  • 16 paid holidays - including months without US national holidays
  • 8 fully paid weeks of leave for child birth/adoption