Location
Ottawa, Canada- Hybrid
Other Canadian locations- Remote
About the role
The Security Automation Engineer designs, builds, and operates automated security capabilities across a hybrid enterprise environment spanning on-premises infrastructure and public cloud platforms. This is a hands-on, builder-oriented role focused on eliminating manual security effort by embedding security guardrails, detections, and remediation directly into platforms, pipelines, and operational workflows.
In this role, you will own the automation and orchestration layer of the security program, working closely with infrastructure, platform, data, and application engineering teams to ensure security is continuous, scalable, and enforced through code. You will have strong software engineering experience with deep security domain expertise across cloud, Kubernetes, CI/CD, data platforms, and modern AI workloads.
Vacancy Status
This is an existing job vacancy
What you will do
Security Automation & Engineering• Design and implement event-driven, API-first security automation for detection, response, and preventative controls.• Build reusable automation frameworks and libraries to enforce security standards across environments.• Replace manual security processes with code, workflows, and orchestration integrated into enterprise platforms.
Infrastructure as Code (IaC) & Policy Automation• Enforce security guardrails via policyascode (OPA/Gatekeeper, Terraform, Sentinel, cloud-native policy engines).• Automate scanning, validation, approval gates, and auto-remediation for IaC drift and misconfigurations.• Develop secure, IaC modules that embed security by default.
Container Security Automation• Automate cluster and workload hardening (RBAC validation, admission control, policy enforcement).• Integrate image scanning, signing, and deployment validation into CI/CD.• Automate runtime signal collection and response for container workloads CI/CD & Software Supply Chain Security• Embed security automation into CI/CD pipelines (SAST, SCA, DAST, secrets detection, IaC scanning).• Implement policybased gates and automated failure handling.• Automate SBOM generation, artifact signing, provenance checks, and attestation enforcement.
GitHub Security Engineering• Automate GitHub Enterprise security controls: including repository standards, branch protections, code scanning, secret scanning, and dependency management.• Enforce leastprivilege access and token hygiene via automation.• Integrate GitHub security telemetry into SIEM and SOAR pipelines.
Databricks & Data Platform Security• Automate Databricks workspace and cluster security (policies, permissions, secret scopes, token lifecycle).• Enforce data access guardrails and monitor for anomalous behavior.• Integrate Databricks telemetry into centralized logging and detection systems.
Vulnerability Automation & Remediation• Build automated pipelines that prioritize, route, and remediate vulnerabilities based on risk context.• Integrate vulnerability data with ticketing, CI/CD, and config management systems.• Develop selfservice remediation workflows for engineering teams.
Security Operations & Orchestration• Design and develop SOAR playbooks and automations for common and highimpact security events.• Integrate signals from cloud platforms, endpoints, identity systems, Kubernetes, and CI/CD into SIEM.• Continuously tune detections to improve signal quality, reduce noise, and support analyst efficiency.• Embed automated security checks into change management workflows, including prechange validation and postchange. verification.
What we are looking for
Primary Skills and Qualifications• Bachelors degree in Information Security, Computer Science, Information Technology, or equivalent practical experience.• 5 67+ years of experience in security engineering, site reliability engineering (SRE), or software engineering with a strong security focus.• Strong software engineering mindset with the ability to design, build, and operate production systems.• Proven ability to balance security rigor with delivery speed and business outcomes.• Experience operating productiongrade systems with uptime, telemetry, and reliability requirements.• Strong collaboration skills with a demonstrated ability to enable engineering teams rather than block delivery.• Excellent written and verbal communication skills, with the ability to clearly articulate complex technical concepts.• Ability to work effectively in a fastpaced, global environment with shifting priorities.• Preferred Certifications• CCSP, CISSP, CKS• Azure or GCP Security Specialty• GIAC certifications relevant to cloud or automation security
Role Specific Skills and experience• Strong software engineering skills: Python (preferred), Go or Java; REST APIs; eventdriven systems.• Infrastructure as Code (Terraform, CloudFormation etc.) with policyascode enforcement.• Strong knowledge of CI/CD security automation (GitHub Actions, Azure DevOps, GitLab).• Hands-on experience with Kubernetes security (admission control, PSS, network policy, signing, runtime security).• GitHub Enterprise security configuration and automation.• Databricks security architecture and automation.• AI / LLM workload security and usage controls.• Vulnerability management automation and remediation pipelines.• Identityfirst security (IAM, workload identity, key & secret lifecycle).
#Senior; #LI-EM1
Work With Impact: Our platform directly helps companies power the worlds supply chains. We see the results of what we do out in the world every day, when we see store shelves stocked, when medications are available for our loved ones, and so much more.
Work with Fortune 500 Brands: Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Lockheed Martin, Unilever, P&G, ExxonMobil, Cisco and more.
Social Responsibility at Kinaxis: Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and were committed to a long-term net-zero operations strategy. We are involved in our communities and support causes where we can make the most impact.
People matter at Kinaxis and here are some of the perks and benefits we offer, which may vary by location and employee:
- Flexible vacation and Kinaxis Days (company-wide days off)
- Flexible work options
- Physical and mental well-being programs
- Regularly scheduled virtual fitness classes
- Mentorship programs, training, and career development
- Recognition programs and referral rewards
- Hackathons
For more information, visit the Kinaxis website at www.kinaxis.com or the companys blog at http://blog.kinaxis.com.
