Staff Software Engineer, Security

Overview Staff Software Engineer, Security at Super.com. This range is provided by Super.com. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range CA$170,000.00/yr - CA$250,000.00/yr About Super.com We started Super.com to help maximize lives – both the lives of our customers and the lives of our team – so that everyone can experience all that life has to offer. For our employees, our promise is that Super.com is more than just a job; it’s an opportunity to unlock one’s potential, where learning is celebrated and impact is realized. We are more than a fast-paced, high-growth tech company; we care about our people and take career progression seriously. This is your career and our aim is to supercharge it through the people, the work, and the programs that fuel who we are. About The Role We\'re looking for a Staff level Security Engineer to join our Security & Privacy team. You\'ll act as a company-wide subject matter expert and key advocate for the security of our product. You\'ll directly manage and mentor a small group of engineers. You\'ll operate within an Agile team, collaborate with engineering and IT leadership to influence strategy, and be directly accountable for meaningfully improving the security of our product. You’ll operate with significant autonomy when setting direction and executing on work. You\'ll act as a technical mentor across the engineering organization to advance the company\'s security skills. This role is primarily a mix of strategic and hands-on work, with some people management responsibility, and reports to the Senior Director of Infrastructure within the Engineering department, and collaborates closely with the Head of IT. About The Team The Security & Privacy team at Super.com is a cross-functional Mission-Aligned-Team composed of both engineering and IT security professionals. We\'re responsible for application security, incident response, customer privacy, controls compliance, and security-operations. We work closely with product engineering to find and resolve vulnerabilities, leverage the latest in AI technologies, and act as the trusted point of contact for all security questions. About You You\'re an experienced application Security Engineer with the technical depth and breadth to raise our security org to the next level. You thrive in fast, remote, ambiguous, high-initiative, high-ownership environments. You\'re interested in both defining strategy and executing on it. You’re capable of diving deep into architecture, code, and infrastructure to drive meaningful improvements. You\'ve led or mentored other engineers and are comfortable being the company’s authority on technical security decisions. You communicate clearly, collaborate across teams, influence across functions, and have high standards for technical excellence. What you\'ll be working on Driving accountability and ownership of application security concerns company-wide, ensuring the resolution of findings, and meeting strategic objectives. Directly manage 1-2 software security engineers including security interns Identify, scope, prioritize, and often individually execute on high-impact security work. Mentor and unblock members of your team and core product software engineers outside the team Architect complex security solutions and contribute to our long term security roadmap Deliver continuous business value through AppSec, DevSecOps and other security project work. This includes coding, deployment, incident response, evangelization, and long term adoption Act as a trusted point of contact for security questions and issues, owning the process of responding to and ensuring the remediation of security-related inquiries and incidents Monitor industry trends and major security developments, ensuring we\'re quick to respond Our Technology State-of-the-art architecture powered by Node and Python microservices and React frontend Postgres for storage, Redis for caching, and Snowflake for data warehouse Gitlab for version control and CI/CD; infrastructure hosted on AWS with Kubernetes, RDS, etc Monitoring and automated alerting with Datadog Amplitude, Hotjar, and LogRocket for client-side metrics and experimentation Material-UI with our own component library; Figma for mock-ups Integration with a multitude of third-parties to support compliance, risk, and security policies What we\'re looking for 8+ years of hands-on, senior, and highly autonomous security roles embedded in an engineering or software development related department Hands-on experience securing web applications, designing secure solutions, and providing meaningful security feedback to engineering design documentation and code reviews Contributed meaningfully to company-level security strategy and owned security programs end-to-end (e.g., SDLC security, vulnerability management, threat modeling) Desire to directly manage and mentor a small group (1-3) of security software engineers Have played a significant role in hiring for security professionals Strong written and verbal communication skills Experience working with functional leaders, product management, engineers, IT, and non-technical business staff Independently executed on a broad range of security initiatives spanning infrastructure security, application security, and automating business controls Bonus points for Bug Bounty or other Red-Team vulnerability hunting finds Recently worked at a fast-paced startup, scaleup, or B2C app-first company Deep familiarity with Datadog APM or other application insight tools Experience with our specific stack: AWS, Kubernetes, Python + FastAPI, React, Postgres, Kafka, Redis Experience with the fintech industry and its specific threats and regulations Experience acting as a thought leader regarding IT Security concepts such as endpoint protection, SIEM best practices, and insider threat detection/prevention Perks Remote-First Flexibility: Work from anywhere in the world and choose the hours that suit you best. We trust you to get great work done on your terms Time to Recharge: Unlimited PTO, company-wide recharge days, and annual team offsites Everyday Perks: Weekly UberEats credits and travel discounts on SuperTravel Family-Friendly Benefits: Generous parental leave and flexible return-to-work plan Comprehensive Compensation: Competitive salary, equity options, and top-tier benefits starting on day one Investing in You: Wellness budgets, personal development funds, and team-level learning resources And that’s just the beginning. Visit our careers page to explore the full range of perks and benefits we offer. Super.com uses artificial intelligence (AI) technologies to support certain aspects of the recruitment process, such as initial application screening and technical assessments. All other assessments and final hiring decisions are conducted with human involvement. Candidates may request a human review of any AI-assisted outcome by contacting Super.com is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Accommodations are available on request for candidates taking part in all aspects of the selection process. If needed, please notify our Talent Acquisition Partner. As a remote-first organization we use benchmarking data reflective of your geographical areas to ensure our compensation package is competitive based on where you reside. Your TA partner will confirm which range applies to your location as part of the hiring process. Location specifics (Canada & USA) Canada Tier 1: 179,000 - 219,000 CAD; Greater Toronto Area and Metro Vancouver regions. Tier 2: 170,000 - 208,000 CAD; all other regions. USA: 174,000 - 250,000 USD. #J-18808-Ljbffr