Security Engineer
Toronto, Ontario, Canada - Remote
Full Time Mid-level / Intermediate USD 135K - 180K
CARET
CARET brings the latest in technology and automation to legal and accounting firms. Explore our solutions today!CARET brings the latest in technology and automation to over 10,000 legal and accounting firms, empowering highly skilled professionals to refocus their expertise on what truly matters. CARET harnesses powerful and secure practice management, document automation, and payment processing to take firms, professionals, and their clients further.
Our team-defined values guide how we show up for each other, for our partners, and for our customers:
- We succeed together
- We embrace progress
- We care big
- We create space
To join our remote-first, engage from anywhere team, visit getcaret.com/careers.
The Senior Security Engineer should have a strong and demonstrated aptitude for Cyber Security with experience in Cloud Security (CloudSec), Vulnerability Management & Response (VMR), and Compliance audits (SOC2, PCI DSS, ISO 27001). Your experience should be supported by extensive and diverse experience in leading high-profile technical programs and projects. Your capability to review and advise on Security matters should span into the domain knowledge of Systems Engineering, Network Operations, and Application Development.
Responsibilities:
- Design, implement, manage, and automate robust cybersecurity solutions to safeguard our networks, systems, and applications.
- Conduct thorough security assessments and risk analysis to identify vulnerabilities and recommend appropriate measures for mitigation.
- Collaborate with cross-functional teams to integrate security best practices into the development lifecycle of applications and infrastructure.
- Monitor and respond to security incidents, conduct incident investigations, and implement incident response strategies.
- Stay abreast of emerging threats and vulnerabilities, and proactively implement measures to counteract potential risks.
- Develop and deliver cybersecurity training programs to educate staff on security best practices and promote a security-conscious culture.
- Evaluate and recommend new technologies, tools, and methodologies to enhance our cybersecurity posture.
- Conduct regular security audits and assessments to ensure compliance with industry standards and regulatory requirements.
- Provide expertise and guidance on security-related matters to internal stakeholders and leadership.
Requirements
- Minimum 5+ years of continuous experience in Cyber Security including Engineering, Operations, and/or Compliance
- Deep technical knowledge of Cyber Security, DevOps, and InfraOps is preferred
- Security Architecture principles (Defense-in-Depth, Least Privilege, Zero Trust, etc.)
- Hybrid Environments (Azure, On-Prem Networks, Containers, Endpoints, etc.)
- Security Program Phases (Risk Assessment, Architecture and Design, Implementation, Operations and Monitoring)
- Strong organization and leadership skills with the ability to facilitate technical sessions and capable of communicating complex technical information to a non-technical audience
- Certification in at least one of the following OSCP, CCSA, CISA, or CISSP
- Knowledge of NIST, CIS Top 18, and other applicable Security Industry Standards and Best Practices
- Scripting and Automation (Python, PowerShell, API)
- Experience with Microsoft Defender, Rapid7, CoalFire, and Trivy are positives
Benefits
- Flexible PTO
- Certification(s) reimbursement
- Summer Fridays
- No meeting Fridays
- Extended Medical, Dental, Paid Sick Days, Vision, Life Insurance, and Disability Leave Coverage
Equal Employment Opportunity: CARET is an Equal Opportunity, Affirmative Action Employer.
The compensation information below is provided in compliance with job posting disclosure requirements.
Pay range: $135,000 - $180,000. Actual base pay will depend on varying circumstances, including the position, location, individual qualifications, market finances, and other operations business needs.
Depending on the position, compensation may also include commission, bonuses, etc. Potential for bonuses is based on company performance and potential for merit increases is based on performance.
#LI-AM2
#ProductsTech
Tags: APIs Audits Automation Azure CISA CISSP Cloud Compliance DevOps Incident response ISO 27001 Monitoring NIST OSCP PCI DSS PowerShell Python Risk analysis Risk assessment Scripting Security assessment SOC 2 Vulnerabilities Vulnerability management Zero Trust
Perks/benefits: Flex vacation Health care Insurance Medical leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs