This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Security Engineer, Vulnerability Automation based in Canada.
This role sits at the core of a modern, AI-enabled Security Engineering function focused on transforming how vulnerabilities are detected, validated, and remediated across engineering teams. You will design and evolve automated pipelines that connect threat intelligence, AppSec findings, and red team outputs into actionable, developer-ready fixes. The environment is highly collaborative, fast-moving, and deeply technical, with a strong emphasis on experimentation and continuous improvement. You will help shape a system where developers receive validated, high-confidence remediation outputs instead of raw vulnerability noise. This is a hands-on engineering role for someone who enjoys building scalable security platforms that directly reduce risk while improving developer experience. You will work closely with product and engineering teams to ensure security is embedded seamlessly into the development lifecycle. The culture values curiosity, trust-building, and practical innovation—especially in leveraging AI to improve security workflows.
\n
Accountabilities:
In this role, you will design, build, and own the end-to-end vulnerability automation pipeline that transforms security findings into validated, actionable remediation. You will be responsible for building scalable systems that reduce friction for engineering teams while improving security outcomes.
- Build and maintain vulnerability engineering pipelines, including ingestion of threat intelligence, vulnerability data, and security signals from multiple sources
- Develop automation that filters false positives and generates validated remediation outputs such as PRs or actionable engineering tasks
- Enhance and mature security tooling that integrates into CI/CD workflows and developer environments
- Partner with engineering teams to ensure security findings are accurately triaged, prioritized, and resolved efficiently
- Improve incident response processes, on-call support, and post-incident learnings through runbook development and system enhancements
- Drive cross-team coordination on complex vulnerability issues, ensuring clear communication and steady progress toward resolution
- Experiment with and scale AI-driven security workflows to improve detection, investigation, and remediation speed
- Contribute to evolving security architecture standards, ensuring consistency, reliability, and scalability across the platform
Requirements:
This role requires strong technical depth in security engineering combined with a builder mindset and a collaborative approach to cross-functional work. You should be comfortable working across the full vulnerability lifecycle and influencing engineering teams through trust and expertise.
- 5+ years of experience in security engineering, AppSec, or related roles with hands-on experience building security automation or internal tools
- Strong programming skills in Python and experience integrating security tooling into CI/CD environments (e.g., GitHub Actions)
- Deep understanding of web and API vulnerabilities and how they translate into real-world risk and remediation strategies
- Familiarity with modern security tooling such as SAST, SCA, DAST, secret detection, and ASPM platforms
- Experience designing or improving vulnerability management pipelines, including triage, validation, and remediation workflows
- Proven ability to work across engineering teams and influence without formal authority
- Strong communication skills with the ability to tailor technical findings for different audiences, from engineers to leadership
- Hands-on mindset with AI tools and a strong interest in experimenting with AI-assisted security workflows
- Experience mentoring others or acting as a technical multiplier within engineering teams
- Bonus: experience with mobile application security or large-scale distributed systems
Benefits:
- Competitive annual salary with growth-aligned compensation philosophy
- Full remote flexibility within Canada
- Comprehensive health, dental, and wellness benefits package
- Opportunities for continuous learning, experimentation, and professional development
- Exposure to cutting-edge AI-driven security engineering practices
- Collaborative, high-trust engineering culture focused on impact and autonomy
- Flexible work environment supporting work-life balance and productivity
- Participation in a mission-driven organization focused on improving safety and reliability at scale.
\n
How Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1