Senior Security Engineer

We are looking for a Senior Security Engineer who will play a critical role in maintaining the security and integrity of Fundserv’s network, cloud, and system infrastructure.

Fundserv has been the indispensable hub for the Canadian investment industry for over 30 years, connecting Manufacturers, Distributors, Intermediaries, and Service Providers to build solutions that simplify business interactions and promote innovation in the industry. We do this by focusing on our corporate values of Collaboration, Adaptability, Integrity, and Respect.

1. Architect and implement security solutions to protect the organization against security threats that might affect the confidentiality, integrity, and availability of Fundserv’s data, systems, and networks.
2. Manage security and compliance of hybrid cloud setups using CSPM, CNAPP, and other industry frameworks and standards.
3. Perform threat modeling, risk assessment, and penetration testing on network and infrastructure setups.
4. Collaborate with different teams to mitigate the identified threats.
5. Work closely with IT and business teams to integrate security policies, procedures, and best practices across all projects, tools, and technologies used within the organization.
6. Stay up to date on the latest security threats affecting the financial industry and mentor other engineers with these updates.
7. Automate repetitive tasks using Python scripts or other automation tools.
8. Respond to security incidents and zero-day vulnerabilities by leveraging incident response tools, frameworks, processes, and procedures.

You’ve demonstrated the ability to do the following, gained through education and/or experience:

1. Implementation of security tools and technologies like EDR/XDR, DLP, database logging & monitoring, and SIEM for a medium-sized organization.
2. Utilized cloud and container security tools to improve the security posture of an organization’s hybrid cloud setup.
3. Designed and architected security solutions to reduce threat exposure of applications or tools.
4. Configured and managed networking tools and technologies like NGFW, IDS/IPS, SASE, and WAF, preferably Cisco and Fortinet products.
5. Collaborated with stakeholders at multiple levels to advocate for security changes across the organization.
6. Performed vulnerability management, threat modeling, risk assessment, and penetration testing on network, infrastructure, or application environments.
7. Explained, presented, demonstrated, and documented the impact of vulnerabilities or security loopholes at an organizational level.
8. Facilitated remediation of security gaps by providing detailed mitigation strategies and proposing solutions.

The following is not required but will be a bonus:

• CISSP, CCSP, GIAC Cloud Security, Architecture, and Design certifications.

We recognize diverse paths to skills; if your experience doesn’t exactly match but you believe you’re a great fit, we encourage you to apply!

We’ve been recognized as a GTA Top Employer and a Canada Top Small & Medium Employer. Some benefits include:

• Employer-paid premiums for group health plans, including a Healthcare Spending Account.
• Up to $2,000 annually for mental health practitioners and dedicated mental health days.
• Wellness benefits covering gym memberships, meditation, wellness apps, and more.
• RRSP matching program.
• $500 stipend for home office equipment and monthly internet subsidy.
• Out-of-province work policy allowing up to 20 days per year for eligible employees.
• Access to training platforms like LinkedIn Learning and Pluralsight.
• EI top-up programs for maternity, parental, family medical, and caregiving leaves.

We value flexibility and work-life balance. Our hybrid model is purpose-led—employees come in for specific reasons, not to fill quotas.