HiringCafe
Posted 1d ago

Senior Security Engineer

@ FISPAN
View All Jobs
Vancouver, British Columbia, Canada
$130k-$160k/yrHybridFull Time
Responsibilities:Lead operations, Enhance automation, Tune SIEM
Requirements Summary:5+ years in security analysis/incident response; AWS Security Certification or equivalent; CISSP/CISM/GCIH/OSCP; IaC/automation with AI tools; Kubernetes/Docker; regulatory knowledge.
Technical Tools Mentioned:Splunk, CrowdStrike, AWS Security, Cloud Firewalls, Terraform, CloudFormation, Ansible, Python, Bash, Kubernetes, Helm, Docker, DAST, SAST, SCA, SonarCloud, Snyk, GitHub, Quay, Artifactory, Cloudflare, CloudFront, DDoS, WAF, CDN, ZTA, TenableIO, Google Workspace, Atlassian, Slack, Kandji, MAC MDM
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Our Business


FISPAN Services Inc. (FISPAN) is an Enterprise SaaS FinTech company that allows banks to deploy embedded financial products and services to create a seamless banking connection for their corporate clients. Our product aims to provide instant scale and reach for banks who want to remove friction and add value by enabling their commercial banking clients to access banking services through their preferred ERP / accounting platform. 


Founded in 2016 and headquartered in downtown Vancouver, FISPAN is on a mission to create the best product in the FinTech industry and fundamentally change the way that companies bank. Being the market leader in ERP Banking, we work with the world’s Tier 1 banks with assets exceeding $3T, including J.P. Morgan Chase, Wells Fargo, TD and Bank of Montreal. 


We are looking for dynamic and passionate individuals to join our high performance team and contribute to our rapid growth and exciting journey.


Position Overview


As a Senior Security Engineer, you will provide leadership, expertise, and advanced security analysis capabilities within our organization’s security operations. Operating at a senior level, you will be deeply involved with the organization’s cyber security strategic plans and critical decision-making. You will contribute to the continuous improvement of our security posture, from fine-tuning our SIEM and managing cloud firewalls to implementing Zero Trust Architecture, securing our CI/CD pipelines, and defending against emerging AI-driven threats. You will champion an automation-first and AI-augmented mindset. By continuously leveraging Infrastructure as Code (IaC) and AI tooling, you will scale, accelerate, and optimize our security operations across the board. Note: This role operates on a hybrid schedule, requiring you to be in the downtown Vancouver office 1-3 days per week, with remote options available for the right candidate.


Key Responsibilities


  • Embed Automation & AI Enhancement in Daily Workflows: Continually leverage generative AI, scripting, and Infrastructure as Code (IaC) across all tasks—from incident triage to playbook creation—to reduce manual toil, accelerate decision-making, and scale security operations.
  • Lead and oversee day-to-day security operations, utilizing AI-assisted analysis to ensure rapid and proper coordination of response with all parties of interest.
  • Ensure all incident tickets are assigned accordingly and resolved while establishing and complying with operations SLAs.
  • Improve alert signal-to-noise ratios and integrate external threat intel with security monitoring tools.
  • Regularly update and continuously improve threat detection use cases, utilizing AI tools to assist in rapid rule generation and threat modeling.
  • Ensure the efficient and effective function of all security tools across the organization.
  • Continuously fine-tune our SIEM to reduce false positives, leveraging advanced ML/AI capabilities where available to ensure pertinent data sources are onboarded and adequately parsed.
  • Identify, assess, and mitigate emerging AI risks, with a specific focus on vulnerabilities related to cloud-based AI services and agent-based AI architectures.
  • Manage and secure cloud environments, utilizing cloud firewalls and endpoint/CSPM platforms.
  • Deploy and maintain Zero Trust Architecture (ZTA).
  • Administer edge protections, including DDoS mitigation, WAF, and CDN configurations.
  • Oversee enterprise-wide vulnerability and configuration management.
  • Secure user SaaS-based tools, including platforms like Google Workspace, Atlassian, and Slack.
  • Manage Mac-based laptop and mobile device management (MDM) platforms.
  • Maintain comprehensive DNS and mail security/monitoring.
  • Integrate and manage security within the CI/CD pipeline, including DAST, SAST, and SCA.
  • Secure the software development lifecycle by integrating and managing scanning and repository tools.
  • Manage and secure containerized environments, ensuring safe image builds, dependency management, and secure deployments.
  • Manage the development of security documents, such as incident playbooks and security operations procedures.
  • Develop and exercise playbooks for different types of attacks, keeping all security operations documents up to date.
  • Lead and mentor junior personnel within the security team.


    Skills & Experience Required


    • Degree in information technology, computer science, cybersecurity, or a related field.
    • 5+ years of experience in security analysis, incident response, or a related field.
    • AWS Security Certification or equivalent experience.
    • Relevant industry certifications, such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), or Offensive Security Certified Professional (OSCP).
    • In-depth knowledge of security principles, concepts, and best practices.
    • Strong understanding of network protocols, operating systems, and common vulnerabilities.
    • Proven experience applying Infrastructure as Code (IaC) principles and utilizing scripting/automation, along with modern AI assistants, to streamline daily security workflows and incident response.
    • Firm understanding of containerization and orchestration platforms (Kubernetes, Helm, Docker) along with robust image and dependency management practices.
    • Knowledge of security frameworks and standards, such as NIST, ISO 27001, and CIS Controls.
    • Familiarity with regulatory requirements, such as PCI DSS and GDPR.
    • Understanding of the threat landscape surrounding AI technologies, specifically evaluating and securing cloud and agent-based models.
    • Strong analytical and problem-solving skills, paired with excellent communication and collaboration abilities.
    • Specific Technology Stack Experience (Note: Experience with equivalent or similar tools is completely acceptable):
    • Logging & SIEM: Splunk.
    • Cloud & Endpoint: CrowdStrike (Host and CSPM), AWS Security, Cloud Firewalls (AWS/Fortinet).
    • Automation & IaC: Terraform, CloudFormation, Ansible, or similar automation frameworks and scripting languages (e.g., Python, Bash).
    • Containers & Orchestration: Kubernetes, Helm, Docker, and dependency/image management tools.
    • Pipeline Security: CI/CD pipeline security (DAST/SAST/SCA), such as Sonarcloud, Snyk, GitHub, Quay, and Artifactory.
    • Network & Edge: Cloudflare/CloudFront (DDoS, WAF, CDN), ZScaler (ZTA).
    • Vuln Management: TenableIO (Vulnerability and Configuration Management).
    • SaaS & Email: Proofpoint (DNS/Mail), Google Workspace, Atlassian, Slack.
    • Device Management: Mac-based MDM systems like IRU or Kandji.


    Why Work With Us? 


     ✨  Visionary Team, Proven Results

    Our leadership bench brings deep, collective experience in scaling high-growth FinTech companies through major funding cycles and critical market inflection points. This expertise creates a stable foundation, allowing you to focus on building and innovating. You will benefit directly from mentorship, expand your professional network, and learn the strategic decision-making processes required to lead a global, mature technology company.


    🚀 Accelerated Career Ownership & DEI Commitment

    We are an emerging high-growth company, and that means your career trajectory here is accelerated. Our employees are immediately given a high level of ownership and autonomy over complex, impactful projects.

    As FISPAN continues to grow, we are committed to celebrating diversity, endorsing equity, and encouraging inclusion. We strive to eliminate bias throughout our recruitment process and build a culture where everyone feels they belong and can contribute their best work.


    💰 Strategic Total Rewards & Wellbeing

    We invest in your success. Our total compensation packages are designed to be highly competitive, including a semi-annual bonus plan that give you a true stake in our future. Beyond your compensation, you benefit from:

    • Best-in-Class Equipment: The most modern MacBook and Apple equipment.
    • Prime Location: Our downtown Vancouver office offers coastal views and access to the building fitness center.
    • Flexibility: Generous benefits, including a family leave top-up program and our Work-From-Anywhere policy.


    Purpose-Driven Culture & Prime Perks

    Our culture is the foundation of our success. We operate with a "we over me" mentality, fostering strong, collaborative bonds built on Trust and Candor. You will also enjoy: fully stocked cupboards, weekly catered team lunches, and daily JJ Bean coffee runs to keep your energy high and your wallet happy.


    Compensation Package  


    FISPAN believes in an atmosphere and culture when innovation can flourish, collaboration and teamwork are valued and transparency is at the core of it all. We want our employees to see how the ideas they help generate today have an impact on how we do business tomorrow.With that, the hiring salary range for this position is  $130,000-$160,000 annually; the base pay offered is based on comparable market data from companies of similar employee size, revenue and location. As part of our total rewards offering, permanent employees in this position may be eligible for our competitive semi-annual bonus program, subject to program eligibility requirements. 


    At FISPAN, we reward employees for achieving their objectives, going beyond the requirements of their job, demonstrating leadership, fostering innovation and advancing the organization as a whole. We value talented people of all backgrounds and characteristics that share our vision of being the number one platform for the business banking ecosystem. 


    Other components of our rewards offerings include support of career development, wellbeing, and personal growth. 

    • Extended health and dental benefits
    • Paid time off 
    • Savings and retirement plan matching
    • Parenthood top-up
    • Mentorship programs, and leadership series (to name a few) 


    Note: The incentive programs, benefits, and perks have certain eligibility requirements and may vary, only be partially or not at all available based on criteria such as location, employment status, etc. We’ll be happy to clarify eligibility for interviewing candidates.