Engineering Manager (Security)

TL;DR

Engineering Manager (Security): Define security roadmap, lead Security & IT team, and own compliance programs like SOC 2 and HIPAA with an accent on embedding security into SDLC, cloud infrastructure, and vendor risk management. Focus on building shift-left security culture, conducting threat modeling, vulnerability management, and incident response while scaling the function in a high-growth SaaS environment.

Location: Toronto (hybrid), with an expectation of being in the office three days per week.

Salary: CA$157,731 – CA$213,401 • Offers Equity

Company

hirify.global is a fast-growing vertical SaaS company using AI to empower personal injury lawyers with tools for faster settlements and better outcomes, backed by top VCs.

What you will do

• Define security roadmap, lead growing Security & IT team, and advise engineering, legal, and executives on risk and posture.
• Own SOC 2 Type II and HIPAA compliance end-to-end, including gap assessments, audits, and policy maintenance.
• Embed security in SDLC via threat modeling, secure reviews, vulnerability management (SAST/DAST/pen testing).
• Manage corporate IT (MDM, SSO, IAM, endpoint) and cloud security with least-privilege/zero-trust principles.
• Lead vendor risk program with assessments, contract reviews (BAAs/DPAs), and third-party monitoring.
• Handle incident response, risk register, tabletop exercises, and breach coordination.
• Drive security awareness through training, documentation, and coaching across teams.

Requirements

• Proven security leadership at startup/high-growth company, building/scaling security function.
• Hands-on SOC 2 Type II and HIPAA ownership from design to audit.
• Technical knowledge of cloud security (AWS/GCP/Azure), IAM, endpoint security, secure SDLC.
• Product security experience: vulnerability management, threat modeling, non-bottleneck integration.
• People leadership: managing/growing technical teams, hiring, development.
• Vendor/third-party risk management in data-sensitive environment.
• Builder mentality: policies, SIEM config, exec presentations, incident handling.

Culture & Benefits

• Choice of medical, dental, vision insurance; life/accident/critical illness coverage.
• Flexible PTO, sick leave, short/long-term disability, paid parental leave.
• 10 US holidays + Canadian statutory holidays by province; home office stipend.
• 401(k) for US employees, RRSP for Canada-based; local meet-up program.
• Hubs in San Francisco and Toronto; equal opportunity employer committed to diversity/inclusion.