Kinaxis is a global leader in modern supply chain orchestration, and they are seeking a seasoned Information Security Engineer to design and implement complex security controls across a hybrid environment. The role involves collaboration with various teams to enhance security measures and respond to incidents effectively.
Responsibilities:
- Design, implement, and operate security controls across Corporate IT environments and the Kinaxis Maestro SaaS platform, aligned with approved standards and architectures
- Translate security requirements into practical, scalable engineering solutions across identity, endpoint, network, workload, application, and data layers
- Contribute to secure configuration standards and reference architectures
- Lead security engineering efforts for complex initiatives such as cloud migrations, SaaS integrations, container and Kubernetes adoption, and platform modernization
- Embed security controls into CI/CD pipelines and infrastructure‑as‑code workflows
- Partner with Security Architecture to operationalize approved security patterns and guardrails
- Work closely with IT, SaaS Operations, Product Development, and Business Systems teams to identify, prioritize, and reduce exposure to known vulnerabilities and misconfigurations
- Support risk‑based remediation planning, track remediation actions to closure, and implement remediation directly where required and within scope
- Verify remediation effectiveness and contribute to durable control improvements that prevent recurrence
- Contribute to detection engineering and monitoring capabilities that enable early identification of threats and control failures
- Act as a technical escalation point during complex security incidents, supporting investigation, containment, and remediation
- Participate in post‑incident root‑cause analysis and corrective action implementation
Requirements:
- Bachelor's degree in Information Security, Computer Science, Information Technology, or equivalent experience
- 6–8 years of experience in security engineering, cloud security, or enterprise security roles
- Strong hands‑on experience implementing and operating security controls across multiple domains
- Experience securing GCP and/or Azure environments, including hybrid or multi‑account deployments
- Solid understanding of modern authentication, identity federation, and access control models
- Working knowledge of security frameworks such as NIST CSF, ISO 27001/27002, and SOC 2
- Ability to influence architecture, risk decisions, and roadmap priorities without formal authority
- Adaptable and resilient in high-urgency operational contexts
- Demonstrated ability to coach or mentor junior team members
- Experience designing, implementing, and operating security controls to protect enterprise and SaaS environments, with direct responsibility for improving control effectiveness across identity, endpoint, network, workload, application, and data layers
- Experience identifying, validating, and prioritizing vulnerabilities and misconfigurations using a risk‑based approach across cloud, SaaS, and enterprise systems
- Experience driving remediation of high‑risk vulnerabilities, including hands‑on implementation where required
- Proven experience collaborating with engineering teams to embed security controls into platform designs, CI/CD pipelines, and infrastructure‑as‑code workflows throughout system lifecycle
- Hands-on experience with SIEM and XDR platforms (Microsoft Sentinel, Defender for Endpoint, or similar)
- Proven experience implementing and managing controls such as firewalls, network segmentation, private connectivity, and secure ingress/egress, with a focus on reducing attack surface
- Experience with security technologies including firewalls, IDS/IPS, SIEM, CNAPP, IAM, encryption, and authentication mechanisms
- Strong understanding of industry-recognized cybersecurity frameworks, including ISO 27001, NIST CSF, and SOC 2
- Desired: CISSP, CCSP, Certified Security – GCP or Azure Security Engineer
- Preferred: GIAC Cloud Security, OSCP, HashiCorp Terraform Associate or policy-as-code certifications