Lead Security Engineer (Montreal)
Montreal
Cyber Security – Cyber Security /
Hybrid /
Hybrid
US Mobile is on a mission to revolutionize connectivity. Imagine a world where you can go into a single app and buy terabytes of data for every one of your devices: phone, smart devices, car, home broadband, and more. That’s the future that US Mobile is building: a software platform built truly for the 21st century and the age of 5G and IoT, with world class engineering, best-in-class user experience, and features that will define the next generation of connectivity.
At the core of it all, we have a team and culture that has been recognized by Forbes as one of the top 500 best startup employers in the US. Our team spans diverse backgrounds, cultures, and stories, with employees coming from 20+ countries.
We're a venture-backed company entering hypergrowth, having recently ranked 94th on Inc 5000's fastest-growing private companies in America, and we’re looking for someone exceptional to join our team.
Job Description:
Lead Security Engineer, you will:
As the Lead Security Engineer, you’ll be both a hands-on technical contributor and a security leader. You will write and review code, design secure systems, and work closely with backend and platform engineers to ensure that our infrastructure, applications, and services are resilient against evolving threats.You’ll lead a small, high-impact team responsible for embedding security into the entire SDLC — from code review and threat modeling to runtime monitoring and incident response. Your mission: make security an integral part of our engineering DNA.
Responsibilities:
- Write and review production code in Java, Kotlin, and Go, ensuring that security best practices are applied in APIs, backend services, and infrastructure automation.
- Perform secure code reviews and guide developers on secure design patterns and coding standards.
- Monitor and analyze application and network traffic using tools like Datadog, Cloudflare Web Application Firewall (WAF), and related observability platforms to identify anomalies, attacks, and emerging threats.
- Build and automate security tooling that integrates into CI/CD pipelines for vulnerability scanning, dependency management, and code integrity checks.
- Collaborate with DevOps and backend engineers to design secure architectures, enforce least privilege, and adopt zero-trust principles.
- Lead threat modeling and risk assessments, translating findings into actionable improvements.
- Develop and maintain incident response playbooks and coordinate responses to potential security events.
- Drive security awareness and training within engineering teams to foster a security-first culture.
- Use real-time threat intelligence and analytics to detect, analyze, and respond to evolving attacks across cloud and application environments.
- Stay current with new exploits, research tools, and emerging best practices to proactively harden systems.
Required:
- Bachelor’s degree in Computer Science, Software Engineering, or a related field.
- 7+ years of experience in cybersecurity, application security, or security engineering — ideally in developer-heavy environments.
- Strong software engineering background with hands-on experience in Java, Kotlin, or Go (comfortable reading and writing production code).
- Deep understanding of secure software development, API security, and microservices architectures.
- Experience integrating security into CI/CD pipelines and cloud-native environments (AWS, GCP, or similar).Understanding of compliance frameworks such as PCI-DSS, SOC 2, or ISO 27001 is a strong plus.
- Familiarity with observability and monitoring platforms such as Datadog, Cloudflare WAF, or similar tools for traffic analysis and anomaly detection.
- Proficiency with security monitoring and automation tools (SIEM, EDR, IDS/IPS, etc.).
- Excellent communication skills and the ability to collaborate with both engineers and leadership.
- Certifications like CISSP, OSWE, GCSA, or CISM are a plus but not required — demonstrable coding and analytical ability matter most.
Benefits:
- Competitive salary - 150k CAD - 200k CAD (based on experience)
- Flexible working hours
- Supplemental health insurance
- Professional development stipend
- $500 wfh tech set-up reimbursement
Think you’d be a great fit? Apply to learn more!
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
