Staff, Security Engineer

Were looking for a Staff Security Engineer to join Fullscripts Security Engineering team as a senior technical leader and hands-on builder. This role is ideal for someone who started their career in software engineering and developed deep expertise in security engineering application security or product security.

Youll work closely with engineering teams to design and implement security solutions that scale across Fullscripts products and platforms. As a Staff-level engineer youll own complex technical initiatives help shape security strategy and influence how security is built into the software development lifecycle. Youll be expected to balance hands-on execution with technical leadership mentoring engineers and helping teams solve security challenges in a way that supports both business objectives and engineering velocity.

Were looking for someone who has owned systems end-to-end; from application development and infrastructure decisions through security design and implementation; Understands how to build secure scalable solutions in production environments. The ideal candidate is deeply technical highly collaborative and energized by solving difficult problems that span multiple teams systems and domains.

• Lead the design and implementation of security solutions across Fullscripts applications platforms and AI-powered systems.
• Partner with engineering teams to embed security throughout the software development lifecycle including architecture reviews threat modeling secure coding practices and design reviews.
• Drive application security product security and vulnerability management initiatives from concept through implementation.
• Own complex security challenges that span multiple teams balancing technical requirements business priorities and engineering constraints to deliver scalable solutions.
• Mentor engineers and security practitioners raising the bar for secure software development and helping teams make sound security decisions.
• Influence technical strategy and security standards through hands-on engineering technical leadership and cross-functional collaboration.
• Stay ahead of emerging threats security technologies and AI-specific risks to help shape Fullscripts long-term security posture.

• Experience securing Ruby on Rails JavaScript GraphQL or similar application ecosystems.
• Experience with AWS cloud security and cloud-native security controls.
• Experience with threat modeling methodologies such as STRIDE PASTA or similar frameworks.
• Experience with vulnerability management application security posture management or developer security tooling.
• Familiarity with GitHub GitLab Wiz static analysis tools secret scanning or related security platforms.
• Experience conducting penetration testing security research or ethical hacking activities.
• Experience protecting healthcare regulated or sensitive customer data.

• Remote-first flexibility to work where you work best with North America (Ottawa Toronto or Calgary) preferred for this role.
• Flexible PTO and competitive pay because work-life balance matters
• RRSP/401k match and stock options to invest in your future
• Premium benefits package with customizable coverage paramedical services and an HSA.
• Fullscript discounts to save on high-quality wellness products
• Continuous learning opportunities to grow your skills and career