RemoteLeaf Logo
Log in Sign up

Cloud Security Engineer

4 hours, 18 minutes ago
Canada
Full-time
Senior
Security Engineer
DevOps and Infrastructure
AWS CI/CD GCP Go GraphQL HIPAA JavaScript LLM Python Ruby on Rails Secrets Management Terraform TypeScript
Apply Now
Fullscript

Fullscript

Fullscript provides a platform that enables healthcare practitioners to create personalized supplement plans and recommend professional-grade supplements to their patients, enhancing patient care and treatment adherence through convenient ordering and ...

Health Care Providers & Services
251-1K
Founded 2011
$267M raised
View All Jobs 14

Description

  • Design and implement cloud security controls across AWS and Google Cloud, including multi-account architecture, network segmentation, data protection, and secure-by-default patterns.
  • Build reusable Terraform modules, reference architectures, policy-as-code guardrails, and self-service tooling for engineering teams.
  • Operate and tune CSPM/CNAPP tooling to identify misconfigurations, exposures, toxic combinations, and coverage gaps across cloud environments.
  • Drive remediation of cloud vulnerabilities and misconfigurations while balancing risk, engineering effort, customer impact, and business priorities.
  • Strengthen IAM, secrets management, key rotation, cloud credentials, machine identities, and just-in-time access patterns across cloud and SaaS environments.
  • Embed security into CI/CD pipelines through IaC scanning, container image scanning, SBOM generation, artifact protection, and supply chain controls.
  • Partner with SOC and engineering teams on cloud-native detections, logging, runbooks, incident response, post-incident learning, and secure AI/ML workload patterns.

Requirements

  • 4+ years of security engineering experience, including 2+ years focused on cloud security in AWS and/or Google Cloud.
  • Strong understanding of cloud-native attack paths, IAM risks, network controls, data protection, key management, secrets management, and workload identity.
  • Hands-on experience with infrastructure-as-code, ideally Terraform, and how to secure it at scale.
  • Ability to write code in Python, Go, or a similar language to automate detection, remediation, and security workflows.
  • Experience integrating security tooling into CI/CD pipelines and developer workflows without unnecessary friction.
  • Working knowledge of at least one compliance framework such as SOC 2, HIPAA, HITRUST, PCI-DSS, or ISO 27001, with the ability to translate requirements into technical controls.
  • Strong communication and collaboration skills with a bias toward enabling teams and influencing without authority.
  • Experience in healthcare, fintech, or another regulated environment is a plus.
  • Hands-on experience with CSPM or CNAPP tools such as Wiz, Prisma Cloud, Lacework, or similar platforms is a plus.
  • Experience securing Ruby on Rails, JavaScript, TypeScript, GraphQL, containerized workloads, or modern cloud-native applications is a plus.
  • Cloud incident response, forensics, or threat hunting experience is a plus.
  • Experience securing AI/ML workloads, LLM integrations, data science platforms, autonomous AI systems, or non-human identities is a plus.
  • Familiarity with AI/ML model supply chain risks, AI-specific SBOMs, or controls for limiting blast radius and privilege escalation is a plus.
  • Open-source contributions or experience building internal security tooling is a plus.

Benefits

  • Salary range of $100,000 to $110,000 CAD base pay.
  • Remote-first flexibility with preferred locations in Ottawa, Toronto, Calgary, or Vancouver.
  • Flexible PTO and competitive pay.
  • RRSP/401k match and stock options.
  • Premium benefits package with customizable coverage, paramedical services, and an HSA.
  • Fullscript discounts on wellness products.
  • Continuous learning opportunities to support skills and career growth.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

The Missing Link

Saviynt IAM Specialist

The Missing Link 51-250 Internet Software & Services

The Missing Link is seeking a Security Engineer - Saviynt to support large enterprise identity governance initiatives, design and deliver Saviynt-based solutions, and strengthen its growing cyber security practice.

India Full-time Mid Level Security Engineer
Active Directory Azure Cybersecurity JavaScript PowerShell REST API SAP SQL
3 hours, 33 minutes ago
EnableComp

AI Security Architect (REMOTE - United States)

EnableComp 251-1K Insurance

EnableComp is seeking a remote AI Security Architect to secure and govern its AI and machine learning initiatives within its healthcare revenue cycle management environment.

United States Full-time Senior AI Engineer Security Engineer
Azure Cybersecurity HIPAA LLM Machine Learning
3 hours, 48 minutes ago
Dropbox

Senior Infrastructure Security Engineer

Dropbox 1K-5K Internet Software & Services

Dropbox is hiring a Security Engineer to secure its AI and agentic infrastructure while helping protect products and users across cloud and on-prem environments.

Canada Full-time Lead Infrastructure Engineer Security Engineer
$152k-$206k
Bash CI/CD CrowdStrike Go Java Kubernetes Linux LLM Node.js OAuth OpenID Connect OWASP Python Ruby Rust SIEM
3 hours, 48 minutes ago
Dropbox

Senior Infrastructure Security Engineer

Dropbox 1K-5K Internet Software & Services

Dropbox is hiring a Security Engineer to protect its AI and cloud infrastructure by integrating security into products and operations for millions of users.

United States Full-time Lead Infrastructure Engineer Security Engineer
$190k-$290k
Bash CI/CD CrowdStrike Go IDS IPS Java Kubernetes Linux LLM Node.js OAuth OpenID Connect OWASP Python Ruby Rust SIEM
4 hours, 18 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers