Security Engineer

Security Engineer

Advantage Group International is seeking a Security Engineer to join our Technology team. This is a unique opportunity to build and shape our security posture from the ground up. The successful candidate will be a hands-on leader who can design, implement, and manage a robust, compliant, and resilient security infrastructure—protecting our systems, data, and clients while enabling the business to operate securely and efficiently.

About the Role

We are looking for a visionary and pragmatic Security Engineer to lead our enterprise security strategy. This is a greenfield opportunity for a true builder who is passionate about risk management, threat mitigation, and embedding security into every layer of operations. The ideal candidate will be a strategic thinker who can define a security roadmap and a hands-on practitioner who can execute it effectively. You will be responsible for the full lifecycle of security operations and will work closely with cross-functional teams to foster a culture of trust, compliance, and continuous improvement.

In other words, we need someone who:

• Is an evangelist for security best practices and has experience embedding a security-first culture.
• Thrives on the challenge of identifying vulnerabilities, managing risks, and responding to incidents with precision. 
• Possesses deep technical skills across threat detection, vulnerability management, compliance frameworks, and cloud security.
• Can work autonomously to define a security roadmap while collaborating closely with internal and external stakeholders.
• Has leadership skills – can mentor teams in secure development practices, champion new technologies, and clearly articulate security decisions. 
• Has a proven track record of designing, building, and managing enterprise-grade security programs, preferably in cloud-native environments.
• Has experience in compliance frameworks such as SOC2 and ISO 27001, and understands how to operationalize them.

Your Day-to-Day

Your role will be to establish the foundations of our security practice. Your responsibilities will involve:

• Designing and implementing enterprise security systems and protocols across infrastructure and applications.
• Leading vulnerability triage, verification, and remediation efforts based on SLAs.
• Conducting internal and client-facing security assessments and coordinating risk mitigation strategies.
• Managing incident response and forensic investigations with precision and urgency.
• Developing and maintaining Disaster Recovery and Business Continuity Plans.
• Ensuring compliance with SOC2, ISO 27001, and other relevant frameworks.
• Collaborating with IT, procurement, and development teams to embed security into vendor management and operations.
• Maintaining accurate and up-to-date security documentation, SOPs, and audit trails.
• Launching and maintaining a strategic security roadmap aligned with business goals and industry best practices.
• Supporting infrastructure and database teams with secure architecture guidance.
• Monitoring and auditing internal systems and third-party vendors for compliance and risk.
• Responding to security-related issues and ensuring proper escalation and resolution protocols are followed.
• Mentoring team members and promoting a culture of security awareness and accountability.

Your Skill Set

You should have deep, hands-on experience with most of the following, demonstrating a practical, craftsman-like approach:

• Security Tools: Proficiency with penetration testing, vulnerability scanning, SIEM platforms, and endpoint protection.
• Compliance: Experience implementing and maintaining SOC2, ISO 27001, or similar frameworks.
• Infrastructure: Strong understanding of Windows Server, Linux, cloud platforms (Azure/GCP), and network security.
• Risk Management: Experience conducting risk assessments and managing vendor security reviews.
• Incident Response: Proven ability to lead investigations and implement remediation plans.
• Scripting & Automation: Familiarity with scripting languages (Python, Bash) for automation and analysis.
• Documentation: Strong organizational skills with a focus on clear, auditable documentation.
• Communication: Ability to explain complex security concepts to technical and non-technical audiences.

You must have:

•     Degree/Diploma in Computer Science or related field, or equivalent experience in Information Security.

•     Applicable certifications (e.g., CISSP, CEH, OSCP).

•     Minimum 8 years of experience in security operations or systems administration.

•     A proactive, ownership-driven mindset with a passion for protecting systems and data.

•     A strong willingness to learn and adapt, staying current with evolving threat landscapes.

•     A pragmatic and adaptable mindset, preferring effective solutions over rigid processes.

•     Desire for optimization and streamlining security operations.

You must be:

•     A creative thinker and a natural problem-solver.

•     Detail-oriented, understanding that small gaps can lead to big risks.

•     A collaborative partner to all teams, not just a gatekeeper.

•     Passionate about building secure, resilient systems.

•     Able to be flexible with work hours, including occasional evenings in EST to support global teams.

Why Should You Work with Us?
The Advantage Group offers an excellent work-life balance and a culture that values innovation and individual contribution, including the following:

• Stable company, with an established client-base and a continual steady growth.
• Excellent work-life balance: flexible hours, hybrid working and generous vacation policy.
• Opportunities for growth and professional development in an environment that encourages learning.
• Hybrid work environment.
• A paid day off on your birthday.
• One volunteer day off per year.
• Intelligent, passionate, and collaborative team members who value craftsmanship.
• Unique business and technical problems; a new challenge around every corner.
• Strong corporate culture: Monthly company-wide gatherings for global community-building.
• Health benefits including counselling and mental health support.
• Competitive compensation including Group RRSP.

Location:

Hybrid – one day a week – Toronto GTA

Don't meet every single requirement? Studies have shown that women and people of colour are less likely to apply to jobs unless they meet every single qualification. We are dedicated to building a diverse, inclusive, and authentic workplace; therefore, if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles at Advantage.

---