Posted 1mo ago

Senior IT Security Engineer | Vancouver | Hybrid

@ Zema Global Data Corporation
Vancouver, British Columbia, Canada
$105k-$130k/yr | Hybrid | Full Time
Responsibilities: design controls, monitor security, improve posture
Requirements Summary: Senior cloud security engineer with DevSecOps focus; experience with AWS/Azure, CI/CD security, SIEM/SOAR; CSPM; SOC 2 and ISO 27001; hands-on vulnerability management and secure software delivery.
Technical Tools Mentioned: AWS, Azure, CSPM, SAST, DAST, SIEM, SOAR, CI/CD tooling, CIS benchmarks
Job Description

Location: Vancouver, Canada

Position Type: Full-time, Permanent

Work model: Hybrid (8 days in office per month)

Industry: Commodities & Energy

About us:

Founded in 1995, Zema Global Data Corporation empowers organizations to simplify complexity, reduce risk, and make faster, more confident decisions that drive measurable results. Over the past two years, Zema Global has accelerated its growth through strategic investment and acquisition to strengthen our global leadership. Together we’re helping our customers gain a Decisioning Advantage – one bold idea at a time. With a presence across global energy, commodity, and financial markets, Zema Global empowers customers to simplify complexity, reduce risk, and make faster, more confident decisions that drive measurable results.

At Zema Global, we Think Big, Make It Happen, and Win as One. We thrive on collaboration, creativity, and respect, united by a shared drive to innovate and deliver meaningful impact for our customers and communities. If you’re inspired by solving complex challenges and contributing to a culture that values purpose and performance, we invite you to join us.

Position overview:

  • The Senior Security Engineer is a key contributor to securing a cloud-first, DevSecOps driven environment, responsible for embedding security into cloud platforms, with a strong focus on automation, scalability, and resilience.

  • Working closely with Engineering and DevOps, this role ensures the integration of security into CI/CD pipelines, cloud infrastructure, and application architectures while supporting compliance with SOC 2 and ISO 27001.

  • This position involves a combination of hands-on execution and strategic advisory responsibilities and is essential to enabling secure growth, maintaining customer trust, and ensuring the organization meets its security and compliance commitments without compromising delivery.

Key Responsibilities:

  • Design and implement cloud-native security controls across AWS infrastructure, platforms, and applications to protect systems and data while enabling scalable business growth.

  • Perform regular risk analysis across cloud environments and take responsibility for the definition and implementation of remediation activities in a timely and coordinated manner.

  • Operate and enhance security monitoring and response capabilities through the deployment and continuous improvement of SIEM and SOAR solutions to enable timely detection, investigation, and response to security events.

  • Work with the SMEs to ensure security is embedded into CI/CD pipelines and development workflows by implementing automated security testing, policy enforcement, and secure-by-default configurations aligned with DevSecOps principles.

  • Advise SMEs to ensure application security is embedded into the development lifecycle by supporting SAST, DAST, and secure code reviews, and by working directly with developers to remediate OWASP Top 10 risks.

  • Continuously assess and improve AWS cloud security posture by implementing and maintaining CSPM controls to identify misconfigurations, reduce exposure, and enforce security best practices.

  • Align technical security controls with CIS benchmarks and frameworks to strengthen baseline security configurations and support consistent, repeatable security outcomes.

  • Partner with engineering, platform, and IT teams to provide security architecture guidance, threat modelling, and secure design reviews that balance risk management with delivery velocity.

  • Act as the first point of escalation during security incident detection and response, supporting investigations and coordinating timely remediation to reduce risk and business impact.

  • Lead vulnerability management and remediation validation efforts by prioritizing risks, verifying fixes, and working with IT & DevOps teams to ensure timely and effective resolution.

  • Support penetration testing and remediation efforts by coordinating technical activities, validating remediation actions, and confirming closure of identified findings.

  • Contribute to SOC 2 and ISO 27001 compliance by implementing, operating, and evidencing technical security controls that are practical, auditable, and aligned with organizational policies.

  • Automate security processes and controls to improve consistency, reduce manual effort, and scale security operations in a cloud-first environment.

  • Support continuous improvement of security operations by providing technical expertise, contributing to post-incident reviews, identifying control gaps, and implementing improvements that enhance resilience and reliability.

  • Collaborate across teams to promote shared security ownership by communicating clearly, providing guidance, and enabling teams to build and operate secure systems.

Candidate Requirements

Essential

  • Demonstrated experience in a senior or advanced security engineering role within a cloud-first or DevSecOps environment, supporting production systems and modern application architectures.

  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.

  • Relevant industry certifications (such as AWS Security, CISSP, CISM, CCSP, or equivalent) or demonstrated equivalent experience in security engineering and cloud security.

  • Experience integrating native cloud security tools and aligning them with organizational use cases to enhance overall security posture.

  • Strong hands-on experience securing cloud platforms, with a focus on Azure and AWS, including network security and cloud security posture management (CSPM).

  • Proven application security experience, including secure code reviews, SAST and DAST implementation, and hands-on remediation of OWASP Top 10 vulnerabilities in collaboration with development teams.

  • Experience integrating security into CI/CD pipelines and release processes, supporting secure software delivery through automation and policy-driven controls.

  • Practical experience in security monitoring and incident response, including working with SIEM and SOAR platforms.

  • Strong understanding of secure system design principles, including least privilege, defence in depth, encryption, and secure configuration management.

  • Ability to communicate security concepts clearly and effectively to technical and non-technical stakeholders, enabling informed decision-making and shared ownership of security outcomes.

  • Demonstrated problem-solving skills and sound judgment, with the ability to assess risk, prioritize work, and deliver practical security solutions in a fast-paced environment.

  • Experience working collaboratively across Development, Engineering / Platform, and operations teams, contributing positively to team outcomes and a culture of continuous improvement.

 

Desirable

  • Familiarity with container and Kubernetes security, including image scanning, runtime protections, and secure configuration practices.

  • Hands-on experience with Wiz (cloud security posture management) and Microsoft Defender for Endpoint.

  • Exposure to advanced detection and response use cases, such as custom SIEM queries, SOAR playbook development, or tuning alerting for reduced noise.

  • Knowledge of additional security frameworks or regulations, such as NIST CSF, NIST 800-53, beyond SOC 2 and ISO 27001.

  • Experience supporting external audits or client security assessments, including responding to security questionnaires or providing technical evidence.

  • Scripting or automation skills (e.g., Python, Bash) to support security tooling, integrations, or process automation.

  • Ability to work across global or distributed teams, with experience collaborating across time zones and cultures.

 

Why Zema Global?

  • Be part of a rapidly growing company shaping how data drives decisions in energy and commodities.

  • Work with cutting-edge technology alongside industry experts.

  • Significant opportunity to impact strategy, revenue growth, and decision-making.

  • Join a meritocratic culture that values innovation, collaboration, and autonomy to drive meaningful change.

 

How to Apply
 Send your CV highlighting your relevant experience (we only accept CVs in English). Only shortlisted candidates will be contacted. No agency submissions, please.

 

*** No visa sponsorship is available for this position ***

Equality and Diversity
 Zema Global is committed to diversity and inclusion. We encourage applications from all qualified individuals and do not discriminate based on race, gender, sexual orientation, disability, or any other protected status.