Senior Cloud Security Engineer
External
7shifts · Toronto, On, Canada$130K–$160K/yrFull-timeOn-site1mo ago30+ days old, may be filled
Application SecurityCI/CDDatadogElixirGCPGitHub
Prepare for this interview
EliteAI-generated questions, company research, and talking points tailored to this role
Responsibilities
- Replace manual SOC 2 evidence collection with automated drift detection by building Security-as-Code directly into our GCP/GKE environment
- Partner with engineering squads to embed security into the Definition of Done, so it ships with the feature, not after
- Engineer and tune Datadog SIEM detections to cut noise, surface what matters, and route high-fidelity alerts straight to #secops
- Reduce PII exposure in real troubleshooting workflows by building masking and synthetic data tooling that developers actually want to use
- Own vulnerability management end-to-end, from identifying risks to implementing mitigations across the org
- Lead incident response when it counts and run tabletop exercises so the team is ready before it does
- Evaluate and onboard new security tooling by running POCs, gathering requirements, and making calls that move us forward without slowing teams down
- Assist with execution and deliverables pertaining to Information Security roadmap
- React promptly, decisively, and independently in high-stress situations
- What you bring:
- 5+ years implementing security controls and operations in a SaaS environment
- Hands-on with Google Cloud Platform (GCP) and Google Kubernetes Engine (GKE), and comfortable securing the CI/CD pipelines and GitHub Actions workflows that engineering teams actually ship through
- Real experience seeing a SOC 2 audit through to completion, not just participating in one
- Actively using AI tooling in your work today, with the judgment to help teams adopt it quickly and the instinct to know where it introduces risk
- Know your way around Infrastructure-as-Code and can spot a misconfiguration before it becomes a problem
- Understand how modern software gets built, including PR processes, and can work within them without slowing anyone down
- A strong communicator who can translate complex security tradeoffs clearly to engineers, executives, and everyone in between
- A creative problem solver who figures things out even when the resources, the team, or the playbook aren't there yet
- It'd be even cooler if you had:
- Proficient in Python or Go for security automation, with the ability to read and understand code, experience with PHP or Elixir is a significant advantage in our environment
- Deep familiarity with security technologies, including SIEM, and hands-on experience with Datadog for observability-driven security
- Solid grounding in application security, threat and risk assessments, and security risk management, with exposure to bug bounty programs as a plus
- This role is an existing vacancy and is part of our current hiring plan
Benefits
Our commitment to our Shifties:Challenge: We're tackling real problems in a fast-moving, complex industry. The work is scrappy and ambiguous, but meaningful. You'll think critically, act with intention, and shape solutions that make a real difference for restaurant teams.Equity: We're a Series C, VCVision insuranceRemote work optionsEquity / stock options
Additional Information
7shifts is a scheduling and payroll platform designed to help restaurant teams thrive. With an easy-to-use app and industry-specific solutions, 7shifts saves time, reduces errors, and helps keep costs in check for over 55,000 restaurants. Our mission is to simplify team management and improve performance for restaurants, with a long-term vision of creating a thriving restaurant industry through the power of connected & engaged teams.
Your Match
How well this role fits your profile.
Company Intel
What employees say
Worked at 7shifts? Share your experience