Staff Security Engineer

Summary

Join Wrapbook as a Staff Security Engineer and contribute to a company focused on revolutionizing the project economy. This remote position (USA/Canada) offers a hands-on leadership role in ensuring robust security measures across applications, infrastructure, and architecture. You will define and execute elements of the security roadmap, collaborate with engineering teams, and assess risks. The ideal candidate possesses at least 8 years of direct security experience, deep application security knowledge, and strong technical project management skills. Wrapbook provides a competitive salary, unlimited paid time off, health and dental benefits, IT setup for your home, 401k and RRSP, and a learning and development allowance.

Requirements

• At least 8 years of direct security experience
• Broad security expertise and knowledge of core concepts including confidentiality, availability, least privilege, integrity, RBAC, and OWASP top ten
• Deep application security knowledge, with the ability to evaluate feature design risks and integrate security tools into the application stack
• Understanding of cloud and infrastructure security, including cloud-native network architecture, and the ability to recommend appropriate security controls across application, infrastructure, and network layers
• Web application or software development experience, with the ability to read and write code (Ruby and Ruby on Rails preferred) and assess application stack security
• Experience in technical project management, breaking complex challenges into actionable phases while leading teams to achieve technical goals
• Ability to be a motivated problem solver who brings critical thinking and curiosity to building secure, user-friendly products
• Ability to thrive on virtual collaboration, building strong relationships with remote team members across the company
• Demonstrated technical leadership through empathy for customers and partners, active listening, and a commitment to helping others grow professionally

Responsibilities

• Leverage your technical expertise to define and execute elements of the security roadmap
• Work with engineering teams to triage flaws or implement features
• Assess risks and strengthen our security culture
• Plan and prioritize security projects and initiatives to grow the application security capability
• Assess current application and product security capabilities to define a strategic project roadmap
• Establish and track AppSec metrics to measure effectiveness
• Master our technical architecture and product features to lead security assessments and threat modeling discussions
• Foster strong relationships with engineering teams to drive technical improvements and integrate security processes seamlessly
• Collaborate with GRC and IT peers to identify and reduce risks across the company's technology ecosystem, ensuring a holistic approach to security
• Define security requirements for product design, architecture, and implementation
• Participate in Security's on-call rotation and help improve our incident response practices
• Help build an effective security culture through training, presentations, and best practice advocacy
• Establish and maintain core processes, standards, and tooling for the Security Engineering team

Benefits

• Unlimited Paid Time Off
• Work from anywhere in Canada and USA
• Health and Dental benefits
• IT set up for your home
• 401k and RRSP
• Learning and Development Allowance