Senior Platform Security Engineer
REMOTE /
Montreal, Quebec, Canada
- Permanent
This job allows you to work remotely
Job Description
We’re partnering with a technology consultancy that delivers complex digital solutions across healthcare and other regulated industries. Their work sits at the intersection of modern cloud architecture, AI-enabled tooling, and product engineering.
They’re hiring a senior-level Platform Security Engineer to design and implement secure cloud and identity architectures across client environments. This role blends infrastructure engineering, DevOps practices, identity management, and hands-on security implementation.
You’ll work directly with clients in embedded, cross-functional teams and may lead security initiatives on larger engagements. While many projects are within healthcare and compliance-heavy sectors, the work spans multiple industries.
This is a remote-first role within Canada, with a preference for Quebec-based candidates.
What You'll Be Doing:
This is a hands-on engineering role with architectural ownership across security and infrastructure.
Cloud & Infrastructure Security
- Design secure AWS-based cloud architectures (Azure experience also relevant)
- Implement infrastructure-as-code (Terraform preferred)
- Integrate security controls into CI/CD workflows
- Harden cloud environments to align with frameworks such as SOC 2, HIPAA, ISO 27001, or similar
- Contribute to production readiness and operational resilience
- On some engagements, you may operate more broadly as a platform engineer depending on client needs.
Identity & Access Management
- Deploy and manage enterprise identity platforms (Okta or similar providers)
- Implement SSO, MFA, and lifecycle provisioning (including SCIM)
- Design access governance workflows and least-privilege models
- Troubleshoot authentication flows and security configurations across client systems
Security Automation & Endpoint Management
- Build automation workflows to support provisioning, compliance evidence collection, and operational security tasks
- Integrate APIs and scripting (Python, Bash, or similar) to streamline security processes
- Support MDM/endpoint management solutions (e.g., Jamf, Rippling, or comparable platforms)
- Establish device security baselines and endpoint compliance controls
Advisory & Technical Leadership
- Scope and lead security workstreams within client engagements
- Collaborate with client IT and security stakeholders
- Translate compliance requirements into technical implementations
- Document controls, support audit preparation, and contribute to risk assessments
- Mentor internal team members on security best practices
Must Have Skills:
- 5+ years of experience in infrastructure, DevOps, or security engineering
- Strong cloud (ideally AWS) experience in production environments
- Hands-on infrastructure-as-code experience (Terraform or equivalent)
- Direct experience with identity providers (Okta, Azure AD, Google Workspace, etc.)
- Experience implementing SSO, MFA, lifecycle automation, and access governance
- Familiarity with compliance frameworks and audit processes
- Experience with endpoint management and device security enforcement
- Ability to communicate security trade-offs clearly to both technical and business stakeholders
- Comfortable operating in client-facing or consulting-style environments
Nice to Have Skills:
- Experience in healthcare or other regulated industries
- Consulting, advisory, or forward-deployed engineering experience
- Cloud-native security (Kubernetes, container security, workload identity)
- Security automation experience (workflows, scripting, integration tools)
- Broader software engineering background beyond scripting
- Relevant certifications (AWS Security, CISSP, etc.)
- French language capability
Special Perks:
- High-impact security architecture work
- Ownership across cloud, identity, and compliance domains
- Direct influence on client security posture
- Remote-first within Canada (EST ±2 preferred)
- Exposure to complex regulated environments
They’re looking for practical security engineers who can bridge architecture, implementation, and compliance — not just policy writers or ticket-driven operators.
You don’t need to meet every requirement to be considered.