Senior Security Engineer - Vulnerability Management

1 month ago
Full-time
Senior
DevOps and Infrastructure
Samsara

Samsara pioneers the Connected Operations Cloud, offering AI safety programs, real-time visibility, and integrations for industries to enhance efficiency, safety, and sustainability globally.

IT Services
1K-5K
Founded 2015

Description

  • Lead and own the ongoing operation and maintenance of Samsara’s vulnerability management program, ensuring consistent execution of processes.
  • Manage vulnerability scanning tools and refine detection capabilities to improve accuracy and reduce false positives.
  • Generate and distribute monthly and quarterly compliance and vulnerability reports in coordination with the Vulnerability Technical Program Manager.
  • Collaborate with engineering teams to track, support, and advise on remediation of identified vulnerabilities.
  • Analyze and triage vulnerabilities, escalating critical issues to senior security engineers or Security Operations as needed.
  • Participate in security incident investigations related to high-profile vulnerabilities, gathering data and assessing potential impact on Samsara infrastructure.
  • Contribute to documentation and process improvements to streamline vulnerability management workflows.
  • Champion Samsara’s cultural principles (customer focus, long-term thinking, growth mindset, inclusivity, teamwork) in daily work.
  • Be regularly on call to support vulnerability management and incident response needs.

Requirements

  • 6+ years of relevant experience in security engineering and vulnerability management within an enterprise environment.
  • Significant hands-on experience with modern vulnerability management tooling (examples: Wiz, Semgrep).
  • Deep subject matter expertise with vulnerability scoring and prioritization frameworks such as CVSS and EPSS.
  • Strong familiarity with common security vulnerabilities and the ability to assess their severity and business impact.
  • Excellent development background with experience in Python or Go.
  • Strong DevOps/DevSecOps or SRE background with experience in AWS cloud services and Terraform.
  • Experience with security automation platforms (e.g., Tines) and serverless frameworks such as AWS Lambda.
  • Deep understanding of application security testing methodologies, including SAST, DAST, and SCA.
  • Practical experience managing vulnerabilities within a FedRAMP-certified environment and/or integrating vulnerability management into CI/CD pipelines with a "shift-left" mentality.
  • Willingness and availability to participate in a regular on-call rotation.

Benefits

  • Annual base salary range: $157,250 — $203,500 CAD.
  • Competitive total compensation package for full-time employees.
  • Employee-led remote and flexible working model with support for remote, hybrid, and in-office arrangements.
  • Health benefits for full-time employees.
  • Inclusive workplace with accommodations for candidates with disabilities and support throughout the recruiting process.
