Security Engineer

Overview

Kinaxis is a global leader in modern supply chain orchestration, powering complex global supply chains and supporting the people who manage them. Our platform provides transparency and visibility across end-to-end supply chains, enabling faster, better decisions. We are expanding our team as we continue to innovate and revolutionize how we support our customers. Location: Ottawa, Canada - Hybrid; Other Canadian locations - Remote. About The Role

The Information Security Engineer is a seasoned cybersecurity professional responsible for designing and implementing complex security controls across a hybrid environment spanning public cloud and on-premise infrastructure, supporting both Corporate IT environments and the Kinaxis Maestro SaaS platform. You will collaborate closely with IT, SaaS Operations, Product Development, and Business Systems teams to design durable controls, support and implement remediation activities, and strengthen detection and response capabilities. You will focus on solution design and technical execution. This is an existing job vacancy. What you will do

Security Engineering & Control Design: Design, implement, and operate security controls across Corporate IT environments and the Kinaxis Maestro SaaS platform, aligned with approved standards and architectures. Translate security requirements into practical, scalable engineering solutions across identity, endpoint, network, workload, application, and data layers. Contribute to secure configuration standards and reference architectures. Cloud, Platform & Application Security: Lead security engineering efforts for complex initiatives such as cloud migrations, SaaS integrations, container and Kubernetes adoption, and platform modernization. Embed security controls into CI/CD pipelines and infrastructure-as-code workflows. Partner with Security Architecture to operationalize approved security patterns and guardrails. Vulnerability Management & Risk Reduction: Work with IT, SaaS Operations, Product Development, and Business Systems teams to identify, prioritize, and reduce exposure to known vulnerabilities and misconfigurations. Support risk-based remediation planning, track remediation actions to closure, and implement remediation directly where required and within scope. Verify remediation effectiveness and contribute to durable control improvements to prevent recurrence. Detection, Incident Response & Resilience: Contribute to detection engineering and monitoring capabilities for early threat identification and control failures. Act as a technical escalation point during complex security incidents, supporting investigation, containment, and remediation. Participate in post-incident root-cause analysis and corrective action implementation. Qualifications

Primary Skills And Qualifications Bachelor’s degree in Information Security, Computer Science, Information Technology, or equivalent experience. 6–8 years of experience in security engineering, cloud security, or enterprise security roles. Strong hands-on experience implementing and operating security controls across multiple domains. Experience securing GCP and/or Azure environments, including hybrid or multi-account deployments. Solid understanding of modern authentication, identity federation, and access control models. Working knowledge of security frameworks such as NIST CSF, ISO 27001/27002, and SOC 2. Influencing architecture, risk decisions, and roadmap priorities without formal authority. Adaptable and resilient in high-urgency operational contexts. Demonstrated ability to coach or mentor junior team members. Certifications: Desired: CISSP, CCSP, Certified Security – GCP or Azure Security Engineer. Preferred: GIAC Cloud Security, OSCP, HashiCorp Terraform Associate or policy-as-code certifications. Role Specific Skills And Experience Experience designing, implementing, and operating security controls to protect enterprise and SaaS environments, with direct responsibility for improving control effectiveness across identity, endpoint, network, workload, application, and data layers. Experience identifying, validating, and prioritizing vulnerabilities and misconfigurations using a risk-based approach across cloud, SaaS, and enterprise systems. Drives remediation of high-risk vulnerabilities, including hands-on implementation where required. Proven experience collaborating with engineering teams to embed security controls into platform designs, CI/CD pipelines, and infrastructure-as-code workflows throughout system lifecycle. Hands-on experience with SIEM and XDR platforms (Microsoft Sentinel, Defender for Endpoint, or similar). Proven experience implementing and managing controls such as firewalls, network segmentation, private connectivity, and secure ingress/egress, with a focus on reducing attack surface. Experience with security technologies including firewalls, IDS/IPS, SIEM, CNAPP, IAM, encryption, and authentication mechanisms. Strong understanding of industry-recognized cybersecurity frameworks, including ISO 27001, NIST CSF, and SOC 2. Work With Impact

Our platform directly helps companies power the world’s supply chains. We see the results of what we do in the real world every day. Benefits

Flexible vacation and Kinaxis Days (company-wide days off) Flexible work options Physical and mental well-being programs Regular virtual fitness classes Mentorship programs, training, and career development Recognition programs and referral rewards Hackathons Additional Information

Kinaxis is committed to an inclusive, accessible recruitment process. If you require accommodations during the recruitment process, please reach out to recruitmentprograms@kinaxis.com. AI tools are used in the initial screening to compare resumes against the job description; final hiring decisions are made by humans.

#J-18808-Ljbffr