Security Engineer (Remote First)
Toronto, ON
Zensurance
Being a technology-forward company, we utilize various tools and platforms to create fun, engaging and meaningful work experiences for our employees, as a remote-first company.
We are boldly going where no insurance broker has gone before!
The IT team supports Zensurance and its team members with a full life-cycle of technology support (from on-boarding - to offboarding). The team also supports and works closely with every team across Zensurance in providing technical support, implementation of technologies, and guidance for programs and initiatives related to their department.
Reporting to the Associate Director, IT, you will be responsible for supporting our company-wide information security management program to ensure that information assets are adequately protected.
You will proactively work with Zensurance business units to implement practices that meet defined policies and standards for information security. The role also assists in a variety of IT-related risk management activities and includes the day-to-day support of various information security programs and initiatives.
As an individual contributor, you will collaborate closely with the Associate Director to coach and mentor colleagues across the organization. You'll play a key role in supporting the Technology Leadership Team with employee training and development initiatives, aiming to continuously improve the team's technical capabilities and delivery excellence.
Responsibilities
- Program support: Facilitate information security governance, policies, and standards.
- Lead awareness training and collaborate on risk assessment.
- Provide regular reporting and support security incidents.
- Security Liaison: Assist resource owners and IT staff with audit failures.
- Liaise between security and enterprise architectures.
- Manage security issues, incidents, and reporting metrics.
- IT/Engineering Support: Implement technical configurations and automate security workflows.
- Maintain application security mapping and consult on software selection.
- Consult on security integration in application evaluation and installation.
- Operational Support: Coordinate security management and vendor compliance.
- Manage incident response and maintain a security knowledge base.
- Oversee security testing procedures and remediation efforts.
- Perform other duties as assigned.
Requirements
- University degree or college diploma in a recognized technical, vocational or academic program (preferably in InfoSec or Cyber Security) or equivalent work experience.
- 3+ years working in Information Security, preferably in an agile and fast paced environment.
- Demonstrated proficiency in interpreting stakeholder expectations and translating them into comprehensive technical plans and requirements, followed by successful implementation of said plans in a technical capacity.
- Experience with identity management software and capabilities such as single sign on (SSO), just in time (JIT) provisioning, and system for cross domain identity (SCIM) in tools such as JumpCloud, Okta, Auth0, PingIdentity, etc.
- Experience with configuring and maintaining endpoint and email security platforms such as Crowdstrike, Mimecast, etc.
- Experience configuring and maintaining network security solutions such as Netskope, ZScaler, etc.
- Experience facilitating implementation and execution of policies and processes across an organization.
- Experience writing and adapting cyber security policies, auditing and performing security gap analyses.
- Experience with common information security management frameworks and compliance standards, such as the CIS Controls v8, NIST, ISO 27001, SOC 2, PIPEDA, PCI.
- Experience working with legal, audit and compliance staff.
- Experience in working with, documenting, and implementing Cloud security controls for AWS or similar Cloud providers.
- Proficiency with Google Workplace, Zoom, Slack and Microsoft Office (Excel and Word).
Nice to have
- Proficiency with Application Programming Interfaces (APIs), including utilizing various API functionalities to enhance security posture in various systems is considered an asset.
- Security certifications such as CISSP, CISA, CISM, GIAC, CBCP, MBCI, or similar are preferred.
- Experience with automation workflow tools such as Zapier is considered an asset.
• Opportunity to work for Canada’s fastest-growing #insurtech scale-up • Primarily remote work environment available to everyone• Laptop, extra monitor and main accessories are provided • Extra home office and supplies allowance to help with work-from-home set up• Comprehensive and flexible health and dental plans to suit all lifestyles, including mental health • Health/Personal Spending Accounts to subsidize your healthy habits and purchases• Parental Leave Top Up• Weekly Friday companywide huddles for casual catch-ups with other departments• Build next-level relationships with your peers through scheduled companywide virtual and in-person team-building events• Be a part of something special. We are confident you won’t find any other insurance company like us :)
Who we are. What we're building.
Business is hard work, insurance doesn’t have to be!
At Zensurance we believe that teamwork makes the dream work.
We are passionate about providing business owners with the best insurance solutions at great rates through an online and easy-to-use platform.
Our secret sauce is all about our culture. Here at Zensurance our culture is built on four core values that we live and breathe daily. They are:
INTEGRITY: We do what's right.INCLUDE: We are an open and safe space for all.INVENT: We take an innovative approach to creating straightforward solutions for our customers.DELIVER: We set ambitious goals and hold ourselves accountable for achieving them.
Zensurance celebrates diversity in its workforce structure and encourages applications from all backgrounds.
Zensurance is an inclusive employer that celebrates diversity in its workforce structure. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the recruiter if you require accommodation; to ensure your accessibility needs are accommodated throughout this process. Information received relating to accommodation will be addressed confidentially.
We understand that looking for a new exciting opportunity can be time-consuming. We truly appreciate your time in going through the job posting and applying for a position with us.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Application security Audits Automation AWS CISA CISM CISSP Cloud Compliance CrowdStrike GIAC Governance Incident response ISO 27001 Network security NIST Okta Risk assessment Risk management SOC SOC 2 SSO
Perks/benefits: Career development Flex hours Gear Health care Home office stipend Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs