<p><strong><u>This job posting is for a current vacancy with our client. Our client has multiple offices in Canada. This position is open to candidates in Toronto, Vancouver and Calgary.</u></strong></p><p><br></p><p>We are looking for a Senior Information Security Engineer to join a nationwide Technology team, and support a well-established insurance company. This role works closely with Infrastructure and Information Security leaders to strengthen the company’s security posture, ensure system reliability, and support the ongoing evolution of enterprise security practices.</p><p><br></p><p>In this position, you will play a key role in implementing and maintaining security systems, documenting policies and procedures, troubleshooting complex issues, and monitoring environments to ensure compliance, reliability, and availability.</p><p><br></p><p><strong>In this role, you will:</strong></p><p><br></p><ul><li>Support the implementation and maintenance of cybersecurity systems and controls.</li><li>Work with technologies including firewalls, vulnerability scanners, SIEM tools, and related platforms.</li><li>Assist with IT management infrastructure such as automated tasking, standard builds, monitoring systems, paging tools, patch deployment, and application deployment.</li><li>Serve as a senior member of the Vulnerability Management, Incident Management, and Security Configuration teams.</li><li>Troubleshoot and resolve Tier 3 technical issues.</li><li>Respond to, mitigate, and recover from assigned security events.</li><li>Conduct vulnerability testing, scanning, and documentation.</li><li>Monitor for security breaches and suspicious activity.</li><li>Provide mentorship, guidance, and knowledge transfer to other team members.</li><li>Maintain and update cybersecurity and IT documentation, including policies, procedures, and technical standards.</li></ul>
<p>This is a hybrid opportunity (2–3 days per week onsite) based in Downtown Toronto.</p><p>Are you ready to help shape and grow an innovative Offensive Security team?</p><p>We are seeking an experienced cybersecurity professional who specializes in offensive security, application testing, and threat management within modern technology stacks—including low code/no code platforms and AI/ML pipelines.</p><p>In this strategic role, you will lead efforts to identify vulnerabilities, simulate adversarial threats, and enhance the organization's security posture across its cloud, application, and AI/ML environments. Candidates with proven success building offensive security teams, driving penetration testing and incident response programs, and securing AI/ML workflows are encouraged to apply.</p><p>Key Responsibilities:</p><ul><li>Lead and execute penetration tests on low code/no code platforms, uncovering misconfigurations and privilege escalation issues.</li><li>Conduct targeted assessments of AI/ML pipelines, models, and data flows to identify security gaps.</li><li>Evaluate CI/CD integrations and MLOps environments with a focus on risk mitigation.</li><li>Analyze web and mobile applications for vulnerabilities, including insecure APIs and injection threats.</li><li>Perform threat modeling and code analysis to support vulnerability remediation.</li><li>Monitor and respond to security incidents using SIEM technologies such as Splunk and Azure Sentinel.</li><li>Develop use cases that anticipate emerging threats, especially those related to AI/ML attack vectors.</li><li>Utilize industry-standard tools—Burp Suite, OWASP ZAP, Checkmarx, Veracode, Snyk—for comprehensive vulnerability assessments.</li><li>Conduct offensive API testing and simulate real-world adversarial scenarios.</li></ul><p><br></p>
