Information Security

1 week ago

Remote USA Remote Canada Remote Mechanical Orchard Full time US$120,000 - US$180,000 per year
At Mechanical Orchard, we specialize in safely rewriting the most critical and complex business applications—the software that runs the world as we know it today—so they're ready to adapt quickly and easily to market challenges and opportunities. Our approach emerged from observing the decades-long failure patterns in modernization efforts and is designed to eliminate the risks and disruptions that characterize most projects.
Our background in software development and the impact on the industry is well known: we've literally helped write the book on XP and other impactful Agile practices. We're applying the same thoughtfulness and rigor in applying AI pragmatically where it helps. We believe in the durable principles behind Agile, and embrace the power of cross-functional teams, collective ownership, test driven development, short feedback loops, and continuous improvement.
We're bringing joy to beleaguered IT teams everywhere. Together, we're seeing how applying craft, expertise, and technologies we're building can fundamentally transform the way companies operate, innovate, and win. Our values are: Do the right thing. Do what works. Be kind.
We're looking for an Information Security / Application Security Engineer who can bridge the gap between security and software development. You'll work closely with our engineering teams to integrate security into the software development lifecycle (SDLC), improve secrets management, implement security automation, and help scale our security posture as we pursue SOC 2, ISO 27001, and FedRAMP compliance. Responsibilities
  • Secure Software Development & Engineering Support: Partner with software teams to embed security into the SDLC (design reviews, threat modeling, dependency management). Review architecture, code, and CI/CD configurations for security concerns. Assist developers in implementing secure authentication, authorization, and secrets management practices. Build or integrate tooling to automate static analysis, dependency scanning, and container security checks.
  • Security Controls & Automation: Design and roll out software development security controls (e.g., centralized secrets management, secure build pipelines). Automate security evidence collection and reporting for compliance frameworks. Collaborate with development teams to mitigate findings from CSPM tooling. Collaborate with the IT and Infrastructure teams on endpoint hardening, identity, and access control.
  • Incident Readiness & Risk Management: Contribute to vulnerability management and security incident response. Support risk assessments for engineering projects, new technologies, vendors, and deployments. Participate in post-incident reviews and drive security improvements.
Required Qualifications
  • 3+ years of professional software engineering experience (Python, Go, Java, or similar).
  • Familiarity with modern DevOps and cloud environments (especially GCP).
  • Solid understanding of application security fundamentals — authentication, encryption, secrets management, input validation, and secure APIs.
  • Experience with CI/CD systems (GitHub Actions, GitLab CI, etc.) and integrating security tooling.
  • Ability to work collaboratively with engineers — balancing pragmatism and security.
Preferred Qualifications
  • Experience with or exposure to security compliance frameworks (SOC 2, ISO 27001, FedRAMP).
  • Hands-on experience with secrets management, SAST, DAST, container scanning, or policy management security tooling like HashiCorp Vault, Snyk, Trivy, or Open Policy Agent.
  • Experience in cloud-native environments (Kubernetes, Terraform, Infrastructure-as-Code security).
  • Certifications such as CSSLP, GCSA, or OSWE are a plus.
Mechanical Orchard, Inc. is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind. Mechanical Orchard, Inc. is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Mechanical Orchard, Inc. are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Mechanical Orchard, Inc. will not tolerate discrimination or harassment based on any of these characteristics. Mechanical Orchard, Inc. encourages applicants of all ages. Mechanical Orchard, Inc. will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
We look forward to reviewing your application. Thanks

  • Sr. Information Security Analyst

    2 weeks ago

    Remote Canada Conga Full time $80,000 - $120,000 per year

    Job Title: Senior Information Security Analyst Location: Canada remote Reports To: Director, Compliance and Information Security A quick snapshot….. Conga is seeking a seasoned Senior Information Security Analyst to help shape and maintain a robust information security program. In this role, you'll work closely with stakeholders across the company to...

  • IT Cyber Security Analyst

    5 days ago

    Remote, Canada KF Aerospace Full time

    **IT Cyber Security Analyst** **We’re all about the craft.** KF Aerospace is proud to deliver innovative aircraft services for corporate, commercial, and military customers worldwide. Launched in 1970 out of British Columbia’s beautiful city of Kelowna, KF Aerospace has grown to specialize in a wide range of aviation services including maintenance and...

  • Executive Director, Information Technology

    1 week ago

    Remote, Canada Fox Corporation Full time $120,000 - $180,000 per year

    OverviewWe are seeking an experienced and strategic Director of Information Technology to lead our organization's IT initiatives. The ideal candidate will possess extensive expertise in system administration, network security, cloud platforms such as AWS and Azure, and software development methodologies. This leadership role requires a forward-thinking...

  • Manager, Cloud Security

    2 weeks ago

    Remote, Canada opentext Full time

    **OPENTEXT - THE INFORMATION COMPANY** As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. **The Opportunity**: Under the direction of the Senior Manager of Information Security, will...

  • Chief Security Officer

    3 days ago

    Remote, Canada High Tech Genesis Full time

    Location: Ottawa, ON Canada Hybrid Term: Permanent High Tech Genesis is currently looking to hire a Chief Security Officer (CSO), you will play a pivotal role in safeguarding our organization's assets, mitigating risks, and ensuring compliance with regulatory standards. With your strategic vision and leadership, you will lead our security efforts, from...

  • SAP Security Analyst

    2 weeks ago

    Remote, Canada Stellar Software Solutions Full time $80,000 - $100,000 per year

    OverviewWe are seeking a dedicated and knowledgeable Security Analyst . The ideal candidate will be responsible for ensuring the security of our IT infrastructure and data through comprehensive security analysis, vulnerability management, and incident response. This role requires a strong understanding of various security protocols, standards, and...

  • Intermediate Customer Success Manager

    7 days ago

    Remote, Canada Absolute Security Full time US$88,000 - US$105,000 per year

    Absolute Securityabout 8 hours agoRemoteRemote$88,000 - $105,000/annuallySenior Levelfull_timeAbout the roleIntermediate Customer Success ManagerAbsolute is a global cyber-security technology company based in Vancouver, BC that helps stop downtime. We help organizations recover and resume normal operations in the face of security breaches. Absolute envisions...

  • Principal Security Compliance Analyst

    2 days ago

    Remote, Canada Open Text Corporation Full time

    **Principal Security Compliance Analyst**: - Req id: 37918- Virtual, CA Virtual, US**OPENTEXT - THE INFORMATION COMPANY** As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. **The...

  • Cyber Security Analyst

    2 weeks ago

    Remote, Canada Dawn InfoTek Inc. Full time

    Dawn InfoTek Inc. is a professional IT consulting team that partners with major financial institutions, investment firms and government sectors. We have been dedicated to delivering cutting-edge consulting services and recruiting all levels of IT positions for our clients. We are currently seeking competent individuals to fulfill the role of **Cyber...

  • Senior Security Engineer

    1 day ago

    Remote, Canada Cision Full time $80,000 - $120,000 per year

    At Cision, we believe in empowering every individual to make an impact. Here, your voice is heard, your ideas are valued, and your unique perspective fuels our collective success. As part of our global team, you'll thrive in an environment that champions curiosity, collaboration, and innovation, all while making meaningful contributions to the brands we...