Director of Engineering, Security in charge of Nexxen's security program and governance. Leading secure practices and collaborating with executives to ensure risk reduction and compliance.
About the role
- Lead Security Engineer at US Mobile building systems for the 21st century with a focus on fraud prevention and security integration across SDLC.
Responsibilities
- Write and review production code in Java, Kotlin, and Go, ensuring security best practices are applied across APIs, backend services, and infrastructure automation — with particular attention to payment processing flows and data integrity.
- Perform secure code reviews and guide developers on secure design patterns, embedding fraud-aware coding standards into engineering workflows from the ground up.
- Monitor and analyze application and network traffic using tools like Datadog and Cloudflare WAF to identify anomalies, payment abuse patterns, account takeover attempts, and emerging threats across cloud and application environments.
- Build and automate security tooling that integrates into CI/CD pipelines for vulnerability scanning, dependency management, and code integrity checks — including controls specific to payment and billing service deployments.
- Collaborate with DevOps and backend engineers to design secure architectures, enforce least privilege, and adopt zero-trust principles across subscriber lifecycle flows including onboarding, SIM activation, number porting, and payment processing.
- Lead threat modeling, risk assessments, and incident response for fraud and security events — maintaining playbooks, coordinating responses, and translating findings into actionable hardening improvements across Telecom-specific attack surfaces.
- Stay current with evolving fraud techniques, exploits, and threat intelligence, proactively applying new research to harden payment systems, detection models, and security tooling against emerging attack vectors.
Requirements
- Bachelor’s degree in Computer Science, Software Engineering, or a related field.
- 7+ years of experience in fraud, cybersecurity, application security, or security engineering — ideally in developer-heavy environments.
- Strong software engineering background with hands-on experience in Java, Kotlin, or Go (comfortable reading and writing production code).
- Deep understanding of secure software development, API security, and microservices architectures.
- Experience integrating security into CI/CD pipelines and cloud-native environments (AWS, GCP, or similar). Understanding of compliance frameworks such as PCI-DSS, SOC 2, or ISO 27001 is a strong plus.
- Familiarity with observability and monitoring platforms such as Datadog, Cloudflare WAF, or similar tools for traffic analysis and anomaly detection.
- Proficiency with security monitoring and automation tools (SIEM, EDR, IDS/IPS, etc.).
- Excellent communication skills and the ability to collaborate with both engineers and leadership.
- Certifications like CISSP, OSWE, GCSA, or CISM are a plus but not required — demonstrable coding and analytical ability matter most.
Benefits
- Competitive salary - 150k CAD - 220k CAD (based on experience/location)
- Flexible working hours
- Supplemental health insurance
- Professional development stipend
- $500 wfh tech set-up reimbursement
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Health and Safety Manager designing and implementing safety measures in occupational health. Collaborating with organizational areas to manage risk factors and ensure workplace safety.
Business Development Representative at xorlab driving proactive lead generation in cybersecurity market. Collaborating closely with sales and marketing team to optimize lead development processes.
Cyber Security Architect responsible for IT security compliance and cyber - risk management at a Swiss utility firm. Engaging with cross - functional teams to implement 'Secure - by - design' strategies.
Information Security Officer ensuring cybersecurity at an IT service provider for food and beverage sector. Developing strategies and overseeing security protocols while reporting to management.
Head of Information Security at Aurora shaping security strategy and governance in a software - focused global business. Leading security efforts to ensure resilience and compliance across operations.
Senior Security Engineer specializing in penetration testing and security strategies for fintech. Collaborating with teams to enhance security for AI applications and financial systems.
Principal Cyber Security Engineer for Identity Access Management at MSK managing identity solutions and advanced identity platforms. Partnering with stakeholders to align identity strategy and lead IAM initiatives.
Join The Missing Link as a Security Engineer, leveraging 3 - 4 years of IT Security experience. Lead projects in a collaborative environment with a focus on innovation and impact.
Engineer in Health, Safety and Environment for ArianeGroup focusing on industrial risk management. Involves audits, assessments, and safety training participation.