Information Security Specialist

Summary

Join Syndio, a Series C technology company, as an Information Security Specialist to protect its growing SaaS platform and internal systems. You will collaborate with various teams to design and implement security measures, ensuring compliance and a secure environment. This role involves building security foundations, managing cloud network security, and implementing endpoint security solutions. You will also perform threat modeling, vulnerability management, and data security tasks. The position requires strong analytical and problem-solving skills and experience in cybersecurity and related fields. Syndio offers competitive compensation, equity, paid time off, pension contributions, and a remote-first work environment.

Requirements

• 5+ years of experience in cybersecurity, security engineering, or a related field
• Strong background in systems engineering, network security, and/or cloud security
• Experience with application security, risk management, authentication systems, security testing, and hardening
• Familiarity with SaaS industry technologies and security considerations across major cloud providers
• Strong analytical and problem-solving skills with an ability to think independently and take initiative
• Comfortability in engaging with senior leadership, engineers, product teams, and customers on security strategy and best practices
• You are passionate about security and excited about making an impact in a growing company

Responsibilities

• Build Security Foundations – Establish and enhance security measures across our SaaS platform and its supporting infrastructure
• Cloud Network Security – Ensure secure API design and implementation, including authentication, authorization, and encryption practices for services and cloud-native architectures
• Network Security – Maintain, deploy, upgrade, and troubleshoot cloud network security infrastructure solutions, including hybrid connectivity, firewalls, web application firewalls (WAFs), intrusion prevention and detection systems (IPS/IDS) tools to ensure a resilient and secure environment
• Endpoint Security – Deploy, manage, and optimize endpoint security solutions, including antivirus, endpoint detection and response (EDR), virtualized configurations, and device hardening to protect against malware, ransomware, and other threats
• Security Logging & Monitoring – Implement and manage real-time log monitoring, audit log review, and analysis to detect and respond to potential threats
• Threat Modeling & Risk Assessment – Perform threat modeling, security design reviews, and architecture assessments for SaaS solutions to proactively identify and mitigate security risks
• Vulnerability Management – Perform routine vulnerability scanning, prioritize remediation activities, and ensure vulnerabilities are remediated in accordance with service level agreements
• Data Security and Privacy – Implement and enforce data protection measures, including encryption, data loss prevention (DLP), and access controls, to safeguard sensitive information and ensure compliance with security and privacy regulations
• Integrate Security into SDLC: Collaborate with development teams to embed security best practices throughout the software development lifecycle (SDLC), including secure coding, API security, and DevSecOps principles
• Identity and Access Management – Work closely with the IT team to enforce strong access management controls and prevent unauthorized access
• Security Automation – Automate security tasks and processes to enhance operational efficiency and reduce manual workload. Develop and maintain automated security testing solutions and integrate security tools within CI/CD pipelines to ensure continuous application security
• Technical Troubleshooting & Root Cause Analysis – Investigate, analyze, and respond to security incidents related to SaaS applications, ensuring containment, root cause analysis, and documentation
• Security Awareness and Training – Advocate for security best practices across the company, helping to build a strong security-first culture. Provide secure coding training and guidance to engineering teams, ensuring awareness of common vulnerabilities and best practices
• Project Tracking & Communication – Support security initiatives through project tracking, maintain the integrated master schedule, and present security updates to agency change boards and leadership

Benefits

• Competitive Compensation. For this role our base salary is targeted at $98k-$115k CAD
• Syndio Equity
• 20 days annually. We encourage our team to recharge when they need to, plus paid sick & safe time, compassion leave, and voting leave
• Pension Contribution
• Remote-First (within commuting distance of Calgary) #LI-Remote