Staff Security Engineer

At Shakepay, we’re on a mission to usher in the Bitcoin golden age. We’re reimagining financial services to give every Canadian their fair shake. Our culture is built around doing work that matters, winning as a team, and celebrating success. If you value growth, ship fast, and share ideas openly with like‑minded people, come build with us!

Since 2015, we’ve built the Shakepay app to make buying and earning bitcoin fast, easy, and secure. In 2022 we launched the Shakepay Card, letting users earn bitcoin rewards when they shop. More than one million Canadians use Shakepay to grow their bitcoin savings and take control of their financial future. We’re regulated across all Canadian provinces and territories and backed by $44 M from renowned venture capitalists.

Security is a company‑wide responsibility, supported by a small, high‑impact team focused on protecting customers, systems, and data while enabling product velocity and business growth. The team works closely with Engineering, Risk, Compliance, and Product to design pragmatic controls, respond to incidents, and continually improve our security posture in a regulated fintech environment.

We’re looking for a Staff Security Engineer to help safeguard Shakepay’s infrastructure, products, and customer data.

In this role you’ll be a hands‑on contributor across operational security, incident response, and enterprise security, while also acting as a trusted partner to engineering teams. You’ll design and implement security solutions that balance risk reduction, customer experience, and product growth.

This is not a management role, but it carries strong expectations around technical leadership, mentorship, and ownership. You’ll report to the Head of Security.

• Design and drive security solutions across product and internal applications
• Conduct threat modeling for existing systems and new product initiatives
• Partner with engineering teams to embed security into development and delivery workflows
• Mentor engineers and share security best practices across the organization
• Build, tune, and automate security alerts, detections, and response workflows
• Participate in and help lead incident response as part of the on‑call rotation
• Support governance, compliance, and regulatory efforts (SOC 2, ISO 27001, PCI, etc.)
• Manage relationships with internal stakeholders and external security vendors

• 7+ years of experience building and maintaining secure applications with 3+ years in a security role
• Strong experience in application security and best practices
• Ability to build and automate tools and processes to scale capacity across security and engineering
• Experience working in cloud environments (AWS preferred)
• Hands‑on experience with incident response and on‑call rotations
• Strong communication skills and a clear sense of ownership
• Experience working in fintech, crypto, or other regulated environments (bonus)
• Exposure to product security and influencing product design
• Experience with offensive security or vulnerability research
• Experience or passion about artificial intelligence
• Knowledge of bitcoin and excitement to learn more
• Comfort using Git/GitHub for collaboration and process management

• Experience working in fintech, crypto, or other regulated environments
• Exposure to product security and influencing product design
• Experience with offensive security or vulnerability research
• Experience or passion about artificial intelligence
• Knowledge of bitcoin and excitement to learn more
• Comfort using Git/GitHub for collaboration and process management

• Help shape the future of money: Be part of a team that's revolutionizing financial services in Canada.
• Impact millions: Our potential for growth is massive. Help us bring Shakepay and bitcoin to all Canadians.
• Grow your career: We offer programs to encourage continuous learning, growth, and development.
• Ideas, not titles: We want the best ideas to shape our future, no matter where they come from.

• Competitive compensation and stock options: Get rewarded with competitive pay and join our employee stock option plan.
• Health benefits from day 1: Access to comprehensive health and dental coverage, including wellness spending accounts.
• Remote‑friendly: Work from anywhere in Canada, with optional access to our office spaces in Montreal and Toronto.
• Learning and development: A $2 000 annual budget for courses, certifications, and training.
• Time off: 20 days of vacation per year, plus a $1 000 bonus if you use all your vacation days.
• Parental leave: Up to 100% of your salary for 18 weeks.
• Home office setup: A MacBook, $1 200 budget for office improvements, and monthly stipend for home and internet expenses.
• Salary in bitcoin option: Choose to receive your salary in bitcoin.
• Team and company offsites: Events to connect and collaborate in person.

We understand that potential can be just as valuable as experience. If you’re eager to learn, grow, and contribute to our mission but worry about missing “right” experience, we still want you to apply. We encourage applications from everyone, regardless of background or experience.

We are a Canadian company and will not be sponsoring visas for this position. You must be eligible to work in Canada to be selected.

Fluency in English is required due to our English‑speaking customer base and the nature of our platform, which is available to all Canadians.