Intermediate Security Engineer - Red Team

Join Our Mission: Help the Helpers with Jane

Let's kick things off with a quick intro. Jane is a team that's all about fostering growth, spreading delight, and serving our healthcare community. We're on the hunt for people ready to jump in and join us while we simplify the lives of healthcare practitioners and patients daily. And guess what? Jane is a remote-first company, meaning every role at Jane, including this one, is remote — giving you the freedom to work from any corner of Canada.

Your Role in Our Journey

Join Jane’s Cybersecurity team as a Security Engineer, Red Team, where your curiosity and collaboration will help us strengthen our security posture. In this role, you’ll contribute to red team activities, support our bug bounty program, and foster meaningful relationships across teams to enhance Jane’s culture of security awareness. This position offers the opportunity to grow your skills in offensive security, all while working in a supportive environment that values emotional intelligence, collaboration, and inclusivity. If you’re passionate about offensive security and motivated by the opportunity to make a tangible impact, we’d love to hear from you.

• Perform penetration testing and vulnerability assessments on Jane’s systems, applications, and infrastructure under the guidance of senior team members, helping to identify and mitigate security risks while working collaboratively with stakeholders.
• Assist in the operation and improvement of Jane’s bug bounty program by validating reported vulnerabilities, reproducing exploit scenarios, and engaging empathetically with external researchers to foster trust and partnership.
• Execute red team activities such as phishing simulations, lateral movement scenarios, and application security testing, maintaining a balance between technical rigor and organizational empathy.
• Help develop and refine security testing tools and processes, including automating repetitive tasks and integrating tools into workflows, while collaborating effectively with cross-functional teams.
• Build strong relationships with software development, IT, and other teams to champion security initiatives and foster a shared sense of responsibility for maintaining a secure platform.
• Contribute to incident response efforts by providing insights on potential attack vectors and assisting in post-incident reviews with a focus on growth and improvement.
• Stay current on offensive security trends, tools, and tactics, sharing knowledge openly with colleagues to enhance team capabilities and cultivate a learning-oriented culture.

• Educational background in computer science, information security, or a related field, or equivalent experience.
• Two (2) to three (3) years of experience in penetration testing, vulnerability assessments, or security research.
• Experience in web application and API penetration testing, with the ability to discover and exploit vulnerabilities such as business logic flaws, broken access control, injection (e.g., SQL Injection, XSS, SSRF), and broken authentication.
• Familiarity with penetration testing tools like Burp Suite, Metasploit, and Kali Linux. Experience with scripting languages (e.g., Python, Bash) is preferred.
• Foundational knowledge of Web Security Testing Guide (WSTG), ASVS, OWASP Top Ten, MITRE ATT&CK framework, and secure coding practices.
• Strong interpersonal skills, including active listening and the ability to empathize with diverse stakeholders. You communicate findings with clarity and care, tailoring your approach to meet the needs of technical and non-technical audiences alike.
• Certifications like OSCP, CEH, Burp Suite Certified Practitioner (BSCP) or equivalent are beneficial but not required.

Jane’s committed to paying our team members fairly, clearly, and above all, paying for growth. This role has a minimum annual salary of $95,100 and maximum annual salary of $142,600. As you may have noticed, this salary range is quite large, and this is intentional to account for the growth someone will experience in the role throughout their time at Jane (i.e., from building the skills, to accomplished, to highly proficient, all the way to achieving excellence in the role). When hiring talented folks to join the Jane team, we’ve found that new team members are best set up for success when hired with the expectation of being fully accomplished in the role, which for this role would reflect a starting salary of $118,800.

It's also possible to join Jane at a salary above or below this, which would mean a salary below $118,800 typically reflects someone who has all the potential to be fully accomplished in the role but doesn't yet possess all the skills required, while a salary above $118,800 is typically for individuals who are currently in this role at Jane and had the opportunity to make a significant positive impact on our customers, product and company with deep Jane knowledge. At Jane, we pay for growth, which means that you’ll continue to have conversations about your career development with your manager and see your compensation grow over time as you build an amazing career with us.

It's important to actively recognize, embrace, and celebrate our differences in order to make Jane an inclusive, equitable, and diverse workplace.

We do not tolerate discrimination, prejudice, or oppressive isms of any kind. Employment is decided on the basis of qualifications, merit, experience, and the needs of the Jane community. We encourage anyone who requires accommodation or adjustments throughout the interview process to let us know, and we will do our best to support you.