Location: Ottawa, ON or Toronto ON| Hybrid
Department: R&D- Cybersecurity
Reports To: Saurav Jha, Information Security & Technology Lead
Type: Permanent | Full-Time
At Solink, our mission is to safeguard what matters most. We provide businesses with the tools to know sooner and act faster by transforming video security into real-time operational insights.
Our cloud-based platform integrates seamlessly with your existing cameras and systems, turning them into intelligent sensors that detect and interpret key moments. This empowers teams to make data-driven decisions, enhance security, and improve operational efficiency.
Trusted by over 30,000 locations across 32+ countries - including brands like McDonald’s and JYSK - Solink delivers clarity when it counts. Our solutions help businesses reduce shrink, optimize performance, and respond proactively to potential threats.
We're growing rapidly, earning industry recognition, and scaling with purpose. We’ve been recognized by Deloitte’s Fast 50 and Fast 500, Business Intelligence Group, and as one of Ottawa’s Best Places to Work. And we’re just getting started!
We're looking for a seasoned Security Engineer who brings deep, hands-on expertise across the security spectrum. Your primary focus will be Application Security and Vulnerability Management owning and maturing these disciplines as Solink continues to scale. But this isn't a narrow role.
You'll also be a key contributor to incident response, endpoint detection and response (EDR), and day-to-day security operations, stepping in wherever your expertise is needed most. You'll work closely with corporate and product/engineering teams, building the kind of collaborative relationships that make security a shared responsibility. Whether you're embedding guardrails into CI/CD pipelines, helping triage a critical vulnerability, making recommendations on shift-left developer practices, or advising an IT partner on endpoint hardening you bring calm and confident judgment and the technical depth to back it up.
This role reports to the Manager of Security and Compliance, under the Director of Cybersecurity. It's a high-autonomy position for someone who thrives on building, mentoring, and driving systemic improvement.
Triage and coordinate remediation of vulnerabilities across SAST, SCA, DAST, CSPM, external reconnaissance, security advisories, and bug reports
Own the SAST, DAST, and SCA technical stack end-to-end including configuration, execution, triage, and reporting across Solink's technology stack
Lead Solink's shift-left security program by embedding security guardrails, automated checks, and developer tooling into IDEs and CI/CD pipelines to identify issues early and drive adoption across teams
Leverage AI-powered security tools and modern techniques for vulnerability discovery and triage, combining them with practical experience and traditional security tooling.
Develop scalable practices, automation workflows, and documentation that raise the security bar across the organization
Participate in architecture reviews and threat modeling exercises, providing security and compliance guidance across product-engineering and corporate systems.
Conduct source code and whitebox security assessments, providing actionable recommendations to improve security posture
Support incident response activities, including investigation, containment, recovery, and post-incident reviews.
Contribute to threat hunting and red team exercises across AWS, Kubernetes, and other cloud environments.
Support compliance initiatives, evidence collection, audit readiness and the ongoing automation of compliance processes.
Help teams adopt AI tools securely by contributing to AI threat modeling, implementing appropriate controls, and addressing emerging AI-related risks.
Partner with IT Services and corporate stakeholders on endpoint security, EDR, and broader security operations initiatives.
Execute penetration tests for web, mobile, and API applications.
Must-Have:
8+ years of experience in security engineering, application security, cloud security, or related disciplines, with hands-on experience securing production environments.
Deep expertise in application security and vulnerability management, including SAST, DAST, SCA, penetration testing, and secure code review.
Experience integrating security tooling into CI/CD pipelines and DevSecOps workflows.
Proficiency in at least one scripting language (Python, Go, or equivalent), with experience building and automating security tooling.
Hands-on cloud security experience in AWS or GCP.
Experience with SIEM platforms, detection engineering, incident investigation, and security operations.
Strong understanding of IAM, including SSO, MFA, RBAC, PAM, and identity threat detection.
Knowledge of OWASP Top 10, secure development practices, software supply chain security, and SBOMs.
Comfortable leveraging AI-powered tools and adapting to emerging security technologies.
Strong communication, ownership, and problem-solving skills, with the ability to influence technical and non-technical stakeholders.
Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST CSF, and MITRE ATT&CK/ATLAS.
Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent practical experience.
Nice-to-Have:
Security certifications such as CISSP, CCSP, GSEC, GCIH, or AWS/GCP Security Specialty.
Experience with Kubernetes, container security, and cloud security posture management.
Experience securing AI-enabled systems, AI governance, or AI-specific security risks and frameworks.
Familiarity with LLM-based security tools, autonomous vulnerability discovery, or bug bounty programs.
Experience supporting compliance automation, GRC initiatives, customer trust programs, or security assurance efforts.
Success working on small, high-impact security teams with broad ownership across multiple domains.
Candidates must undergo a criminal records check upon hire;
Be a Canadian Citizen (dual citizens included), or eligible to work in Canada;
Be willing to comply with Solink’s own security policies and standards.
We do things the Solink way:
Act with URGENCY – Our customers move fast, so we do too.
Deliver with QUALITY – We sweat the details and hold a high bar.
Win with TEAM – No egos. Just outcomes, built together.
Lead with TRUST – We earn it through clarity, consistency, and care.
These aren’t just words—they shape how we hire, lead, and grow.
We’re not just building tech - we’re building a place where great people do great work.
Clarity and trust: Where the role allows, we support flexibility in how and where work gets done - and we’re upfront about what’s required.
Meaningful equity: Every full-time, permanent employee has a stake in our growth.
Comprehensive benefits: Fully paid health & dental (no waiting period) + $500 health spending account.
Wellness support: Monthly reimbursement for fitness, wellness, or mental health programs.
Growth through merit: Advancement is based on contribution, initiative, and the ability to raise the bar - together.
Candid culture: Clear expectations, honest feedback, and no politics.
Social connection: From So-learns to Solink-o and So-lunches, we stay connected in ways that actually feel fun.
We respect your time and value transparency. Here’s a general idea of what to expect:
Intro call with our Talent Team
Interview with the Hiring Manager
Technical Panel Interview
Final CTO Interview
Reference Checks
Offer & onboarding
Submit your resume and a short cover letter via our [Careers Page]. Let us know what excites you about this role, and how you’d help move Solink forward.
Compensation Range: CA$120K - CA$150K
