Our pension offerings provide flexibility and long-term security for our employees beyond their careers. We are one of the few companies offering the opportunity to receive guaranteed income for life via our defined benefit pension plan.
Salary for the candidate will be determined taking into consideration a number of factors including: experience, skills, qualifications, anticipated contribution to role, internal equity, etc. The salary range presented above is based on a 35-hour workweek and would represent a majority of different candidate profiles. However, we encourage candidates who may fall outside of this range to apply as well.
Join our security team to design and build next‑generation security products that reshape how secure software is developed and deployed. You will craft automation platforms, intelligent services, and self‑service experiences that embed security into modern engineering workflows with minimal friction. This role focuses on secure software engineering and product development to deliver forward‑looking solutions from practical remediation guidance to proactive posture insights - that scale across Intact’s application and infrastructure landscape.
Architect and build reusable services, APIs, and libraries that operationalize application security best practices at scale.
Implement features and enhancements across backend and/or frontend components.
Write clean, maintainable code.
Create automation that orchestrates compliance evaluation
Develop self‑service security products that streamline SSDLC and accelerate secure delivery.
Implement AI‑assisted capabilities for contextual vulnerability triage, and proactive guardrails.
Automate posture analytics and executive‑ready dashboards (Grafana, Power BI) to surface trends, coverage, and risk signals.
Work closely with product, architect, and design to ensure functionality meets user needs.
Drive adoption through demos, guidance, and workshops.
Degree in Software Engineering, Computer Science, or related field
7+ years building production software and platforms with a focus on automation, integrations, and product reliability.
Proven experience owning end‑to‑end product from technical design and prototyping through implementation, testing, rollout, and maintenance.
Strong system design skills to design scalable, resilient, and observable services. Familiarity with design patterns and trade‑offs.
Expertise in at least one backend language (Java, Python, Go, or Node.js/TypeScript) and related frameworks (Spring Boot/MVC, Express.js, NestJS).
Good frontend experience building SPAs (preferably Angular; React or Next.js also acceptable), including component architecture, state management, and secure UX patterns.
Clean coding, automated testing (unit/integration/e2e), code reviews, and continuous improvement.
Experience building secure APIs and integrations (REST/GraphQL), including authorization, input validation, and error handling.
Comfort with data modeling and persistence (SQL/NoSQL), performance tuning, and migration strategies.
Knowledge of logging, metrics, tracing, health checks, performance profiling, and SLOs.
Experience designing and implementing CI/CD pipelines for application delivery, including adding security steps and quality gates.
Ability to decompose complex problems, define clear acceptance criteria, and deliver iteratively with measurable outcomes.
Guide peers, drive design reviews, and influence architecture.
Familiarity with cloud‑native application design (AWS/Azure/GCP), containerization (Docker), and basic orchestration concepts (Kubernetes) with security considerations.
Exposure to AI/LLM product development, prompt engineering, model integration, evaluation/validation, and data privacy considerations.
Working knowledge of application security fundamentals and standards (e.g., OWASP Top 10, secure coding practices, supply chain security).
Experience integrating or operating SAST/DAST, dependency, and cloud security tools, capable of integrating vendor products into developer workflows.
Excellent communication skills, able to translate security and engineering concepts for diverse audiences.
Nice to have: ServiceNow AVR exposure. Certifications (e.g., CISSP, CEH) are optional.
No Canadian work experience required however must be eligible to work in Canada.
For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country
Il s'agit d'un nouveau rôle au sein de notre équipe en plein croissance | This role is a new member of our growing team.