Security Engineer (Remote)
Job Description
Description
Join us at PolicyMe as a Security Engineer (Remote) .
Overview of the Role
We’re modernizing insurance in Canada and seeking your expertise. As a remote-first, Toronto-based startup, we aim to transform a largely unchanged industry.
About the Role
As a Security Engineer, you will define and implement security practices, tools, and architecture to protect our infrastructure, data, and applications. This high-impact role offers autonomy and the opportunity to build our security foundation from scratch, influencing how we scale securely and effectively.
You will collaborate across teams to minimize risk, operationalize security, and support our growing fintech platform with top-tier standards.
Our Tech Stack: React, Redux, Python, Webpack, Gatsby, Node.js, PostgreSQL, AWS
Responsibilities:
- Design and implement security architecture across cloud, infrastructure, endpoints, and applications using AWS tools like Security Hub, IAM, GuardDuty, CloudTrail, Inspector.
- Integrate static and dynamic security testing into CI/CD pipelines (e.g., SonarQube, GitHub Actions).
- Manage security tools such as SIEM, firewalls, MDM, VPN, EDR; automate alerting, patching, and rulesets.
- Lead security reviews, threat modeling, and promote secure coding practices.
- Manage incident response processes from detection to post-mortem.
- Support SOC2 compliance activities, including evidence collection and audits.
- Establish vulnerability management workflows, asset monitoring, and risk mitigation strategies.
- Educate teams on secure development, OWASP standards, and emerging threats.
- Work with leadership to develop security roadmaps and tooling strategies.
Qualifications:
- 5+ years in infrastructure and/or application security, preferably in startups or scale-ups.
- Strong knowledge of AWS security fundamentals and tools.
- Experience integrating security into CI/CD workflows.
- Proficiency in scripting (Python, Bash) for automation.
- Excellent communication skills for technical and non-technical audiences.
- Proactive problem-solver with strategic thinking and autonomy.
- Experience managing a broad security surface area, including endpoints, cloud, and compliance.
Reporting To: DevOpsSec Manager
Why Join Us:
- Generous PTO: 20 days vacation.
- Stock options and comprehensive benefits.
- Remote-first culture with optional Toronto office work and in-person socials.
- Resources for professional development, including L&D budget and feedback processes.
- Work with a high-performing, empathetic team in a flexible environment.
About PolicyMe
Canada’s leading digital insurance provider, offering straightforward, affordable protection for families nationwide. Since 2018, we’ve grown rapidly, selling over $10 billion in coverage, with a remote team across Canada.
Equal Opportunity & Accessibility
We are committed to diversity and accessibility. Accommodations are available during the application process.
#J-18808-Ljbffr
Company
PolicyMe
Location
Toronto
Country
Canada
Salary
125.000
URL