Senior Security Engineer

Senior SecOps Engineer

(100% Remote - Canada)

ABOUT THE TEAM

The DevSecOps team owns the security, reliability, and governance of our cloud platform. We design and operate secure, scalable AWS infrastructure, implement and champion SRE best practices, and ensure the platform is resilient, cost-efficient, and compliant. The DevSecOps team partners with other engineering teams to embed security and reliability into every stage of the software lifecycle—providing the tools, automation, and guardrails that empower teams to build and operate services with confidence.

ABOUT THE ROLE

As a Senior SecOps Engineer, you will be a foundational pillar of our DevSecOps practice and team at Procurify. Customer trust is our most important asset, and this role is at the heart of upholding that commitment. You will be a hands-on expert responsible for building and scaling the security discipline within the DevSecOps team, and for creating a security-first culture across our engineering organization

WHAT YOU’LL BE WORKING ON

• Build & Automate Security Guardrails: Design, build, and implement automated security controls directly within our CI/CD pipelines and cloud infrastructure. You will use an Infrastructure as Code (IaC) approach to make security a seamless, default part of our development process.

• Own Threat Detection & Response: Implement and manage our security information and event management (SIEM) systems. You'll develop strategies for threat detection, lead security incident response efforts, and conduct security incident reviews to continuously harden our defenses.

• Champion Application & Cloud Security: Act as the lead security consultant for our engineering teams. You'll conduct security architecture reviews, perform threat modeling assessments, and provide expert guidance on securing our cloud-native applications and Kubernetes environment on AWS.

• Drive Compliance & Governance: Take a leading role in maintaining and maturing our compliance posture (e.g. SOC 2, PCI DSS, GDPR). You will translate compliance requirements into actionable, automated engineering tasks.

• Lead Security Awareness: Educate and empower your engineering colleagues by sharing your expertise on security best practices (e.g. OWASP Top 10), running security-focused initiatives, and being the go-to person for all things security.

• Our Tech Stack:

  • Cloud: AWS

  • Infrastructure as Code: Terraform

  • CI/CD & Automation: CircleCI, Python, Bash

  • Containers & Orchestration: Kubernetes, Docker, ArgoCD

  • Observability: Prometheus, Grafana, Kibana, New Relic

WHO WE’RE LOOKING FOR

• Proven Security Experience: 4+ years of hands-on experience in a Security Operations or DevSecOps role, preferably within a SaaS or cloud-native environment.

• Cloud & Container Security: Deep expertise in securing public cloud environments, particularly AWS. You have hands-on experience with container security and securing workloads in Kubernetes.

• Security as Code & Automation: A strong belief in automating everything. You are highly proficient with Infrastructure as Code (Terraform) and have experience scripting with languages like Python or Bash.

• Compliance Expertise: Practical experience working with and implementing controls for compliance frameworks such as SOC 2, ISO 27001, or PCI DSS.

• A Builder's Mentality: You are passionate about building and scaling security programs, not just operating them. You thrive on the opportunity to create new systems, automate processes, and have a high degree of ownership.

• Empathetic & Accountable: A collaborative, "low-ego" partner to development teams. You lead with empathy, believe that your team's success is your success, and take initiative in an autonomous environment.

• Exceptional Communicator: You excel at explaining complex security concepts to both technical and non-technical audiences, fostering a shared sense of responsibility for security across the company.

• Base Salary Range: $146,500 - $170,000 (This range is dependent on experience and not inclusive of any bonus, commission, benefits or equity that might exist in your total compensation package.)

WHY PROCURIFY?

We’re committed to helping mission-driven organizations spend smarter

Procurify is a remote-first company with a big heart and a strong ambition to modernize the way organizations manage business spend. We’re looking for talented and team-driven individuals to join us on our journey to build a place where the best people want to work – a place where every team member is championed to do their best work, chase their dreams, and put their wildest ideas to the test.

You’re empowered to do your best work

We’ve created an environment where personal and professional growth is a real priority. Some of the great perks we offer include:

• Flexible working: We’re a remote-first organization with flexible working hours. Work anywhere from within Canada!

• Unlimited responsible time off: Work hard, play harder. All team members can take advantage of our unlimited responsible time off policy.

• Extended health benefits: Massage appointments, dental coverage, counseling… You name it, our extended health benefits program likely covers it. Take advantage and become the best version of yourself.

• Community initiatives: We have a strong commitment to community. Join one of our regular community days, donate to our Donate Your Day program, and get involved with one of our lunch and learns.

• Stock options: Everyone has a chance to own a part of Procurify!

• DEI initiatives: We regularly run a diversity, equity, and inclusion roundtable where we host guest speakers and tackle the topics that matter.

We have an amazing team

We’ve welcomed team members who were boat captains, funeral directors, swing dancers, competitive gamers, plumbers, and novelists. Everyone has a story and we’re here to embrace them!

LEARN MORE

Procurify is an Equal Opportunity Employer. We do not discriminate against any team members or applicants for employment because of race, color, disability, sex, age, national origin, religion, sexual orientation, or gender identity and/or expression.

If you feel like you don’t meet all of the requirements for this role, we encourage you to apply anyway. We know that feelings of imposter syndrome can get in the way of meeting incredible candidates, and we certainly don’t want those feelings to get in the way of meeting you! We really want to get to know you and why you're great for the role. Please avoid including your picture and age on your resume.

Apply online today and let’s start a conversation.

To find out more about Procurify, check these resources out:

• Get to know our team through our Meet us Monday videos

• Check out what our customers are saying about us