Senior Security Engineer - Blue Team

Embark on a pivotal journey with Jane as our new Senior Security Engineer for our Cybersecurity team, where your expertise in defensive security practices, incident management, and threat intelligence will fortify our digital fortress and transform our security culture. In this vital role, you'll help lead technical initiatives, enlighten our team with your knowledge, and carve out our path to robust security operations, all while being a beacon of cybersecurity wisdom. You will engage and educate our users by demonstrating real-time defensive tactics and secure practices, fostering a deeper understanding of cybersecurity. Your mission will be to elevate our security posture, instill best practices, and ensure that our commitment to safeguarding data is more than just a standard—it’s part of our vision to be both trusted and helpful to our customers. If you are passionate about defensive security and have a strong desire to protect critical systems from potential threats, we would love to hear from you!
Like with all positions at Jane, this position is a remote position, allowing you to work anywhere you want across Canada. Building a delighted team who can delight our customers is part of Jane’s DNA. In our most recent company-wide health check, 99% of our team agreed that our founders demonstrate people are important to Jane’s success. On top of that, 98% of our team felt Manager cares about them as human beings and that they are supported when needing to arrange time off from work. We’d never claim to be perfect, but we’re working hard to listen to our people and improve each day.
We really want the people who work at Jane to love being here, so it's important that we start with a bit about what makes our company unique and try to be as transparent as possible. Our values also provide some insights into Jane and hopefully, you’ll have a better idea if this might be the kind of company you want to be part of.
Before we were Jane, our Co-Founders were solving problems for their own clinics not realizing that a few years later, this team would grow to support tens of thousands of healthcare practices in more than 60 countries. Our platform is now helping to modernize the world of practice management software. We enable the likes of physiotherapists, mental health counsellors, chiropractors, and other allied health practitioners to run their practices in a digital-first way through features such as online booking, charting, scheduling, telehealth, and billing along with an evolving library of features. You can see more of them here. Although we’ve grown, still to this day, we’re rooted in solving clinics’ problems and making sure we don’t lose sight of Jane’s vision.
We have remained profitable for the past seven years, we’re product-led and growing organically (and responsibly) to the point where 85% of our customer growth is either from customer referrals or word of mouth. Growth like this is unique, especially in the world of SaaS, and it doesn’t happen by chance. We have a brilliant team of over 400 Janers who are doing an amazing job of listening to our customers, building what they need, and providing industry-leading support. We pride ourselves on flexibility & autonomy, some of our team block out their calendars to pick up their children from school (and this is normal at Jane), and we even have a #kids channel in Slack.
We’re not a clock-in clock-out system-type environment. With that being said, we’re not going to paint the picture of a perfect environment either. We’re a company that’s scaling quickly, we have many moving parts, many of us are doing this for the first time and sometimes, we don’t have processes in place or clear views which can require a lot of resourcefulness and a passion for problem-solving.
With all that to say, if you’re looking for an environment where you can grow, stretch yourself, and work with some incredibly talented people on problems that are positively impacting people's lives, Jane could be the place for you.
Compensation Expectations for the Role
Jane’s committed to paying our team members fairly, clearly, and above all, paying for growth. This role has a minimum annual salary of $117,100 and a maximum annual salary of $182,900. As you may have noticed, this salary range is quite large, and this is intentional to account for the growth someone will experience in the role throughout their time at Jane (i.e., from building the skills to accomplished, to highly proficient, all the way to achieving excellence in the role). When hiring talented folks to join the Jane team, we’ve found that new team members are best set up for success when hired with the expectation of being fully accomplished in the role, which for this role would reflect a salary between $139,000 to $146,300.
It's also possible to join Jane at a salary above or below this, which would mean a salary below $139,000 typically reflects someone who has all the potential to be fully accomplished in the role but doesn't yet possess all the skills required, while a salary above $146,300. It's typically for individuals who are currently in this role at Jane and had the opportunity to make a significant positive impact on our customers, product and company with deep Jane knowledge. At Jane, we pay for growth, which means that you’ll continue to have conversations about your career development with your manager and see your compensation grow over time as you build an amazing career with us.
Paying clearly is one of our compensation fundamentals to help folks build trust in the compensation process at Jane. To better understand Jane’s compensation fundamentals and how this range is determined, click on this link here for a short video walkthrough of how it all works! We also welcome you to ask as many questions as you’d like about compensation throughout the interview process to ensure you feel confident and build trust through the process.
More information on Jane's benefits package can be found here 

The impact you could have…

• Contribute to our security operations by performing security assessments, monitoring security alerts, and participating in incident response. You will use a variety of tools to assess the security measures in place and identify areas needing enhancement.
• Implement and optimize the application security program, including security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and dependency management tools. You will also implement metrics to track and improve the effectiveness of the application security program.
• Assist in conducting detailed threat modelling exercises and assess and mitigate risks by conducting security assessments to identify vulnerabilities and suggesting remedial action to mitigate risks.
• Support incident response and detection efforts. Develop detection mechanisms, monitor security alerts, and participate in incident response to ensure quick and effective resolution of security incidents.
• Collaborate with various teams, including software development and IT, to implement identity and access management controls and measures that support the security framework of the organization.
• Support security initiatives in cloud security and endpoint detection to enhance the organization's overall security posture.
• Participate in supporting security reviews for new features, application changes, and updates to ensure that security considerations are integrated from the early stages of development.
• Share your knowledge illustrating how systems can be protected, as part of education outreach to enhance our team’s understanding of potential security vulnerabilities and the necessary countermeasures.
• Stay informed about new security trends, tools, and practices to help maintain and enhance the security posture of the organization. Engage in continuous professional development through research and applying new knowledge to daily tasks.

The experience we feel we need:

• Bachelor’s degree in Computer Science, Information Security, or a related field or commensurate experience.
• Experience in security functions such as security operations, application security program administration, and incident response. Experience with cloud security, endpoint detection, and identity and access management is highly valued.
• Familiarity and experience with security frameworks and tools such as SAST, DAST, SCA, SIEM, IDS/IPS, EDR, and cloud security platforms. Ability to automate security processes and workflows, integrating security tools into CI/CD pipelines.
• Understanding of OWASP, the MITRE ATT&CK framework, and the software development lifecycle.
• Certifications like CISSP, CISM, CEH, or similar are preferred but not mandatory.
• Good problem-solving skills with a capability to analyze and prioritize risks in various systems.
• Strong communication skills to articulate security issues and collaborate effectively within the team and to convert complex security scenarios into engaging narratives.

At Jane, we’re committed to fostering an environment that allows you to come to work as your truest self. We believe it’s important to actively recognize, embrace, and celebrate our differences in order to make Jane an inclusive, equitable, and diverse workplace.
We want to build a team of people who make conversations rich with perspective and experience. We are committed to listening to every voice in order to learn and grow because doing this will allow us to meet the needs of the diverse community of helpers that Jane serves.
We do not tolerate discrimination, prejudice, or oppressive isms of any kind. Employment is decided on the basis of qualifications, merit, experience, and the needs of the Jane community. We encourage anyone who requires accommodation or adjustments throughout the interview process to let us know, and we will do our best to support you.