Description:
The Information Security Engineer is a seasoned cybersecurity professional responsible for responsible for designing and implementing complex security controls across a hybrid environment spanning public cloud and on ‑ premise infrastructure, supporting both Corporate IT environments and the Kinaxis Maestro SaaS platform.
In this position, you will collaborate closely with IT, SaaS Operations, Product Development, and Business Systems teams to design durable controls, support and implement remediation activities, and strengthen detection and response capabilities. You will focus on solution design and technical execution.
Vacancy Status
This is an existing job vacancy
What you will do
Security Engineering & Control Design
- Design, implement, and operate security controls across Corporate IT environments and the Kinaxis Maestro SaaS platform, aligned with approved standards and architectures.
- Translate security requirements into practical, scalable engineering solutions across identity, endpoint, network, workload, application, and data layers.
- Contribute to secure configuration standards and reference architectures.
Cloud, Platform & Application Security
- Lead security engineering efforts for complex initiatives such as cloud migrations, SaaS integrations, container and Kubernetes adoption, and platform modernization.
- Embed security controls into CI/CD pipelines and infrastructure ‑ as ‑ code workflows.
- Partner with Security Architecture to operationalize approved security patterns and guardrails.
Vulnerability Management & Risk Reduction
- Work closely with IT, SaaS Operations, Product Development, and Business Systems teams to identify, prioritize, and reduce exposure to known vulnerabilities and misconfigurations.
- Support risk ‑ based remediation planning, track remediation actions to closure, and implement remediation directly where required and within scope.
- Verify remediation effectiveness and contribute to durable control improvements that prevent recurrence.
Detection, Incident Response & Resilience
- Contribute to detection engineering and monitoring capabilities that enable early identification of threats and control failures.
- Act as a technical escalation point during complex security incidents, supporting investigation, containment, and remediation.
- Participate in post ‑ incident root ‑ cause analysis and corrective action implementation.
What we are looking for
Primary Skills And Qualifications
- Bachelor’s degree in Information Security, Computer Science, Information Technology, or equivalent experience.
- 6–8 years of experience in security engineering, cloud security, or enterprise security roles.
- Strong hands ‑ on experience implementing and operating security controls across multiple domains.
- Experience securing GCP and/or Azure environments, including hybrid or multi ‑ account deployments.
- Solid understanding of modern authentication, identity federation, and access control models.
- Working knowledge of security frameworks such as NIST CSF, ISO 27001/27002, and SOC 2.
- Influencing architecture, risk decisions, and roadmap priorities without formal authority
- Adaptable and resilient in high-urgency operational contexts.
- Demonstrated ability to coach or mentor junior team members.
- Certifications:
- Desired: CISSP, CCSP, Certified Security – GCP or Azure Security Engineer.
- Preferred: GIAC Cloud Security, OSCP, HashiCorp Terraform Associate or policy-as-code certifications.