This role offers the opportunity to lead and shape the security posture of a rapidly growing, cloud-native platform. The Lead Security Engineer will partner with engineering, product, and corporate teams to design secure systems, implement DevSecOps practices, and drive compliance initiatives. You will balance strategic planning with hands-on engineering, ensuring robust protections across SaaS, mobile, and IoT environments. This position provides visibility into planning and execution at all levels, allowing you to influence security strategy, mentor teams, and embed security into daily operations. Ideal candidates thrive in a collaborative environment, are self-directed, and are motivated by making high-impact security decisions that enable business growth and customer trust.
Own and manage the organization’s security risk register, threat models, and remediation efforts across applications, infrastructure, and services.
Design secure architectures focusing on authentication, authorization, data protection, and network boundaries for SaaS, mobile, and IoT products.
Implement and maintain security tools, DevSecOps guardrails, and CI/CD pipelines to detect vulnerabilities and misconfigurations early.
Lead compliance initiatives, including SOC 2 and other relevant frameworks, and respond to customer security inquiries.
Define and maintain security policies, standards, KPIs, and dashboards; provide visibility and guidance to teams and executives.
Conduct internal security assessments and coordinate external penetration tests.
Mentor engineering teams in secure design practices and foster a security-aware culture across the organization.
Develop and maintain incident response plans, serve as the escalation point for incidents, and lead investigations and remediation.
5+ years of experience in security engineering with both hands-on and strategic responsibilities.
Strong expertise securing cloud-native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management.
Experience with infrastructure-as-code (Terraform) and policy-as-code frameworks (OPA, Sentinel, or similar).
Hands-on experience integrating security into CI/CD pipelines and development workflows.
Knowledge of container and orchestration security, threat modeling, and risk assessment.
Familiarity with compliance frameworks (SOC 2 preferred) and audit processes.
Strong communication skills to collaborate with both technical and non-technical stakeholders.
Self-directed, able to operate autonomously, and comfortable leading cross-functional initiatives.
CISSP or cloud security certifications.
Experience securing AI/ML or LLM-powered features.
Mobile application security experience (Android preferred).
Knowledge of GRC and compliance platforms.
Experience with international compliance frameworks and regulated industries.
Familiarity with IoT, embedded systems, or fleet device security and MDM solutions.
Competitive salary and equity compensation.
Medical, dental, and vision insurance.
Retirement plan with employer match (401(k)/RRSP).
Flexible Spending Accounts (FSA) and wellness stipends.
Home office setup reimbursement and monthly internet/cell stipend.
Flexible PTO, 16 paid holidays, and 8 fully paid weeks for childbirth/adoption leave.
Flexible, remote-friendly work environment.
Annual company offsites to build team relationships.
Opportunity to make high-impact contributions to security, compliance, and business growth.