Security Engineer I (Contract)
Job Summary
- Innovate with Purpose: Build impactful solutions for customers worldwide.
- Join Excellence: Work in a diverse collaborative and innovative team.
- Shape the Future: Lead in redefining revenue optimization.
- Grow Together: Unlock your potential in a supportive environment.
Help Us Build a More Secure Future
Our Information Security team is looking for a motivated hands-on Security Engineer I In Canada to support the execution of day-to-day security operations while contributing to foundational security engineering initiatives. This role provides exposure across multiple security domains including security monitoring and incident response security tooling and controls engineering application security testing vulnerability management security risk assessments and emerging AI security practices.
As a Security Security Engineer I you will partner closely with stakeholders across Cloud Operations Engineering IT and business teams to strengthen our security posture through operational excellence continuous improvement and a risk-based approach to decision-making.
This is an exciting opportunity for a security professional who enjoys solving complex challenges driving meaningful improvements and making a measurable impact across the organization.
Contract Length: 18 Months(Maternity Leave Backfill) Only Candidates residing in Canada or Mexico are eligible for this job
What Youll Do
Security Tooling Operations & Security Engineering
- Coordinate the deployment configuration testing monitoring and ongoing maintenance of security technologies including SIEM EDR DLP WAF CASB Secure Web Gateway URL filtering email security and application/vulnerability scanning platforms.
- Lead small-to-medium-sized security initiatives from requirements gathering through design testing pilot execution and implementation.
- Support proof-of-concept evaluations and product assessments to ensure proposed solutions align with security strategy standards and industry best practices.
- Act as a service or tool owner by identifying enhancements maintaining operational runbooks and recommending improvements for tools under your responsibility.
- Develop and maintain procedures workflows architecture diagrams and operational playbooks that support security monitoring and engineering activities.
Security Monitoring Triage & Incident Response
- Investigate and triage security events using technologies such as SIEM EDR DLP WAF CASB Secure Web Gateway and email security solutions.
- Detect respond to and support investigations of security incidents while documenting root-cause analysis and lessons learned.
- Follow established incident response procedures and playbooks escalating critical findings appropriately and efficiently.
- Apply analytical and adversarial thinking to identify protect detect respond to and recover from common cyber threats and attack vectors.
Vulnerability Management & Security Testing
- Perform and support secure baseline reviews infrastructure scanning endpoint scanning application vulnerability assessments penetration testing validation and AI red-teaming exercises.
- Review vulnerability findings for accuracy and completeness while partnering with stakeholders to prioritize remediation efforts based on risk.
- Escalate critical vulnerabilities zero-day threats and high-priority risks while supporting rapid mitigation efforts.
- Contribute to continuous improvements in vulnerability management workflows through automation and the integration of security testing into CI/CD pipelines.
Security Risk Assessments Threat Modeling & Third-Party Risk
- Conduct security risk assessments for internal initiatives product enhancements vendors and productivity tools.
- Perform STRIDE-based threat modeling for internal projects and AI-enabled solutions producing actionable recommendations and clear risk reports.
- Apply a risk-based approach to evaluating Agentic AI technologies and AI-related security risks.
- Conduct vendor risk assessments within OneTrust and support broader third-party risk management activities.
Continuous Improvement & Security Enablement
- Identify opportunities to strengthen controls improve processes and enhance security outcomes across teams.
- Stay informed on emerging threats technologies and industry best practices sharing relevant insights with colleagues and stakeholders.
What Youll Bring
Required Qualifications
- Bachelors degree in Technology Management Information Security Computer Science Computer Engineering or equivalent practical experience.
- 35 years of experience in Information Security Security Engineering or Security Operations.
- At least one industry-recognized security certification (CISSP CISA CCSP or equivalent).
- Experience working with public cloud platforms such as AWS IBM Cloud or Google Cloud Platform (GCP).
- Strong understanding of securing cloud environments operating systems networks databases and applications.
- Hands-on experience with security technologies including SIEM WAF DLP EDR and infrastructure/application vulnerability scanners.
- Knowledge of industry frameworks and standards such as NIST CSF and ISO 27001/27002.
- Familiarity with controls and compliance requirements related to SOC 1 SOC 2 PCI and HIPAA.
- Excellent written and verbal communication skills with the ability to clearly document findings and communicate risk.
- Strong problem-solving skills accountability and a continuous learning mindset.
- Fluency in English.
Preferred Qualifications
- Experience integrating security controls and tooling into CI/CD pipelines including alerting scanning ticket creation and deployment gating.
- Experience developing security automations using Python PowerShell Bash or similar scripting languages.
- Hands-on experience with OneTrust including workflow management evidence collection and assessment reporting.
- Experience conducting threat modeling and risk assessments using STRIDE methodology.
What Success Looks Like
First 13 Months: Ramp Up & Stabilize Operations
- Become proficient with existing security tools monitoring platforms alert queues and incident response processes.
- Contribute to investigations and triage activities with high-quality documentation and timely escalation.
- Review vulnerability scanning coverage and support improvements to data quality and prioritization.
Months 46: Expand Coverage & Drive Improvements
- Lead at least one security tooling or process improvement initiative from planning through implementation.
- Improve vulnerability management outcomes through stronger triage stakeholder collaboration and remediation tracking.
- Deliver clear risk assessments and STRIDE-based threat models for assigned projects including AI-enabled solutions.
Month 7 and Beyond: Operational Excellence & Lasting Impact
- Deliver measurable improvements through automation process maturity and enhanced operational efficiency.
- Strengthen incident response readiness and reduce recurring security issues through root-cause-driven improvements.
- Establish yourself as a trusted security partner to Engineering Cloud Operations and IT teams through consistent execution and pragmatic security guidance.
The expected base salary range for this role is C76800.00 $ 96000.00 and individuals may be eligible to participate in our variable compensation program.
*Final compensation may vary based on experience skills designations and market conditions.
This posting is for an existing vacancy.
This hiring process utilizes artificial intelligence tools to assist in candidate screening and assessment. Our AI tools are designed to complement not replace human decision-making.
Required Experience:
IC