Security Engineer (Remote)

Remote in Toronto
Engineering /
Full-time /
Remote
Apply for this job
Overview of the role
Join us at PolicyMe! We're modernizing insurance and we’d like your help. The Canadian insurance landscape has remained largely unchanged for decades, and we are in the process of changing that. We're a remote-first, Toronto-based startup with big ambitions.

About the role
As a dedicated Security Engineer, you’ll play a mission-critical role in defining and implementing the practices, tools, and architecture that will safeguard our infrastructure, data, and applications. This is a high-impact, high-autonomy opportunity to build a security foundation from the ground up while directly influencing how we scale safely and intelligently.

You’ll work cross-functionally with all teams to reduce risk, operationalize security, and ensure we can meet the needs of a growing fintech platform with best-in-class standards.

Our tech stack: React, Redux, Python, Webpack, Gatsby, Node.js, PostgreSQL, AWS

What you'll be doing:

    • Design and implement security architecture across cloud, infrastructure, endpoints, and applications using tools like AWS Security Hub, IAM, GuardDuty, CloudTrail, Inspector, etc.
    • Integrate static and dynamic security testing into CI/CD pipelines (e.g. SonarQube, GitHub Actions).
    • Manage tools such as SIEM, firewalls, MDM, VPN, and EDR. Automate alerting, patching, and rulesets wherever possible.
    • Lead security reviews, threat modeling, and secure coding practices in collaboration with engineering.
    • Drive incident response processes, from detection and triage to resolution and post-mortem.
    • Support SOC2 compliance efforts including evidence gathering, access reviews, and internal audits.
    • Define and operationalize vulnerability management workflows, asset monitoring, and risk mitigation.
    • Educate teams on secure development, OWASP standards, and emerging threats. Promote a security-first mindset across the org.
    • Collaborate with leadership to evolve PolicyMe’s security roadmap and tooling strategy.

What we are looking for:

    • 5+ years of experience in infrastructure and/or application security, ideally in startup or scale-up environments.
    • Strong grasp of AWS cloud security fundamentals and tooling (IAM, VPC, KMS, S3, Security Hub, etc).
    • Experience with integrating security controls into CI/CD pipelines and engineering workflows.
    • Hands-on scripting ability (e.g. Python, Bash) to automate processes and handle operational tasks.
    • Excellent communicator with the ability to articulate risks and solutions to both technical and non-technical stakeholders.
    • A proactive problem-solver who thrives in autonomous roles and can define and drive strategy with limited oversight.
    • Comfortable managing a broad security surface area: from endpoint security to cloud misconfigurations to compliance support.

      • Reports To: DevOpsSec Manager

Why join us:

    • Generous PTO - 20 vacation days
    • Access to stock options and a comprehensive benefits plan
    • A remote-first team with company paid, in-person socials and the option to work from our Toronto-based office
    • Resources to help your professional development, including an L&D budget, performance reviews twice a year and ongoing feedback to ensure you reach your highest potential
    • Work with an empathetic, high-performing team in a flexible, results-oriented environment
About PolicyMe:
PolicyMe is a Venture-Backed InsurTech startup on a mission to put families first, protecting them with the honest and uncomplicated life insurance they deserve. Through technology, PolicyMe is streamlining the traditional insurance process, removing barriers and inefficiencies to deliver a fully-underwritten life insurance policy that families deserve but with fewer steps and lower costs. PolicyMe makes it easy to get a quote and apply for term life insurance online in 20 minutes or less. Since our launch in 2018, we have grown exponentially, selling over $1 billion in life insurance coverage to Canadians.
PolicyMe was also most recently voted as one of Canada's 50 Most Impactful Companies of 2021, and has been mentioned in BetaKit, National Post, the Global & Mail, Global News and more. If you're interested in being considered for this opportunity, please submit a resume.

Commitment to Equal Opportunity:
PolicyMe is proud to be an equal opportunity employer. All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, or disability status. We thank all applicants for their interest, however, only those selected for an interview will be contacted.

Accessibility Statement:
PolicyMe is dedicated to ensuring an accessible experience for all candidates. If you require accommodations during the application process, please let us know in the "Additional Information" section of the job application. We are committed to working with you to provide support and make reasonable adjustments throughout the process.
Apply for this job

PolicyMe Home Page

Jobs powered by Lever logo