Who We Are, What We Do, Where We Are Going Magnet Forensics is a global leader in the development of digital investigative software that acquires, analyzes and shares evidence from computers, smartphones, tablets and other IoT related devices. We are continually innovating so that our customers can deploy advanced and effective tools to protect their communities, countries and companies. Headquartered out of Waterloo, ON but with over 400 employees spread out globally, Magnet is continuing to expand and grow. Where we are today, is not where we want to be tomorrow. We are seeking a highly skilled and motivated Security Engineer to join our dynamic team and play a key role in ensuring the security and integrity of our organization's products and customers’ data. The Security Engineer will be part of the engineering organization and responsible for implementing, managing, and enhancing security measures across our applications, products, and services to protect against potential cyber threats and attacks. This role requires a strong technical background, a deep understanding of security best practices, and the ability to collaborate with developers and engineering teams to identify and mitigate security risks effectively. You’ll be a part of a talented team responsible for a wide range of product and engineering security programs.
- Application Security: Design, implement, and maintain application security processes and tooling such as SAST, SCA, containers, etc.
- Product Vulnerability Management: Conduct regular security assessments, vulnerability scans, and web application scanning. Work with engineering teams on notification, remediation, and patching strategies.
- Compliance: Establish and enforce security policies, standards, and guidelines in alignment with industry best practices, legal requirements, and internal security policies.
- Cloud Security: Familiar with security features and services for major cloud providers such as AWS and Azure. Design, implement, and maintain security infrastructure components such as Security Hub, Inspector, Config, Defender for Cloud
- Security Monitoring and Analytics: Monitor security events, analyze logs, and generate reports to identify suspicious activities, potential threats, and security breaches.
- Security Architecture/Code Review: Collaborate with software developers and system administrators to review and improve the security architecture of new and existing applications, systems, and code. Familiarity with threat modelling, design reviews are helpful.
- Incident Response: Investigate security incidents and breaches to determine the root cause and implement necessary corrective actions to prevent future occurrences.
Successful candidate will have many of the below skills and accomplishments:
- Degree or diploma in relevant field or equivalent work experience. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.
- Proven experience as a Security Engineer or in a similar role, demonstrating hands-on experience in security implementation and management.
- Strong knowledge of security protocols, cryptography, and common security technologies.
- Ability to automate security tasks and integrate with various CI/CD tooling and processes
- Comfortable with one or more scripting languages and reading basic scripts (python, C#, powershell, bash, etc…)
- Comfortable with writing pipelines for automation tasks (Jenkins, AzDO, GitLab, Github)
- Comfortable writing IaC (CDK, CloudFormation, Terraform)
- Familiarity with industry regulations and frameworks such as ISO 27001, SOC2, NIST 800-53, etc…
- Excellent problem-solving and analytical skills to identify and address security vulnerabilities effectively.
- Strong communication and interpersonal skills to collaborate with cross-functional teams and articulate complex security concepts to non-technical stakeholders. Join us as a Security Engineer and make a significant impact by fortifying our organization's security posture and ensuring the confidentiality, integrity, and availability of our critical assets.
The Most Important Thing
- We’re looking for candidates that can provide examples of how they have demonstrated Magnet InteGRITy in their previous experiences:
- Greater Good – We think beyond our own interests and strive to improve communities around the world. This demonstrates our passion for making a difference in the world.
- Respect – We hold ourselves accountable through transparent sharing of information and we have faith in each other’s abilities
- Innovation – We lead the industry in excellence and reliability while keeping the user experience simple and relevant. We are not afraid to push the boundaries to stay ahead of our competitors.
- Teamwork – We collaborate internally and externally, while caring about each other and listening to our customers.