Senior Security Engineer (Application & Platform Security)
Top Benefits
About the role
- The Security Team is responsible for securing all things Sentry: our customers, our code, and everything in between
- We are a small but growing team with broad scope, high trust, and the autonomy to tackle hard security problems with creativity and an engineering mindset
- We work at a company with a strong developer culture, building a product that millions of developers genuinely love and rely on
- That context shapes everything about how we operate
- As a Senior Security Engineer on this team, you’ll work across application and platform security domains
- You’ll own and shape the practices that keep Sentry secure as we grow: security reviews, threat modeling, vulnerability management, and embedding secure coding practices into an engineering organization that cares about doing things right
- You’ll partner closely with product and engineering teams to influence how features are designed and built from the start
- You will work as a technical collaborator who helps make the secure path the obvious one
- As Sentry expands our agentic product capabilities and development practices, you’ll also find yourself at the frontier of a new set of security challenges
- Own and mature Sentry’s security review program. From secure code review, to architecture review, and threat modeling. You will build processes, tooling, and culture which makes security a natural part of how we ship and operate
- Influence mature vulnerability management practices. Intake, triage, prioritization, remediation tracking, and management of our bug bounty and responsible disclosure program
- Champion secure-by-design principles. Partner with engineering and product teams to embed security early in the development lifecycle and integrate security tooling into developer and CI/CD workflows
- Validate and reproduce application and infrastructure security findings. Scanning, manual testing, coordinate penetration testing and vulnerability validation across Sentry’s application, SDKs and cloud-based platform
- Evaluate and respond to emerging threats relevant to application security Sentry. We build and operate a complex application and cloud environment, including the novel attack surface introduced by Sentry’s agentic product features and AI-assisted engineering practices
Benefits
- Competitive Compensation + Equity
- 401k Plan
- Medical, Dental, Vision Insurance
- Commuter Stipend
- Professional Development Stipend
- Health & Wellness Benefits
- Charitable Matching Program
- Flexible PTO
- Paid Parental Leave- Enjoy operating cross-functionally, building relationships, and influencing with technical expertise, and shaping how security gets done across a fast-moving engineering organization
- Get excited when something new lands on your desk, be it an interesting vulnerability, a sweet exploit, a novel agentic architecture, an unfamiliar cloud primitive, or a bug class you haven’t seen before
- Reach for automation first, you’d rather build a scalable, systematic solution to a security problem than solve it manually a hundred times
- Thrive with real ownership, you prefer to build and drive work end-to-end, you’re energized by the autonomy that comes with being on a small, high-trust team
- Love working in an developer-forward culture where your colleagues are builders who care deeply about code quality and customer satisfaction
- 5+ years of industry experience designing, building, securing complex applications and large-scale distributed cloud systems
- Direct experience with security reviews, SDLC practices, secure CI/CD, architecture reviews, threat modeling, vulnerability management, bug bounty and responsible disclosure programs
- Degree in Computer Science or a related field, equivalent training, or professional experience
- A collaborative approach to problem solving paired with strong written and verbal communication
- Experienced and comfortable programming in at least one language, must be comfortable reviewing Python, Typescript, Go, Rust applications
- Familiarity with using distributed cloud technology (AWS, GCP, Azure, Kubernetes, Docker, Terraform, etc.) and securing those technologies (cloud networking, IAM, etc.)
- Not sure if you meet 100% of the qualifications? We encourage you to apply anyway. We’re interested in people are excited about this opportunity and eager to grow
Not the right fit? Search for Security Engineer jobs in Toronto, Ontario, Canada {{REMOTE}}
About Sentry
Your business. Your employees. Your peace of mind. At Sentry, we understand what matters most to you. Because we've spent the last 120 years building trust with our customers—one conversation at a time. We got our start in 1904, when members of the Wisconsin Retail Hardware Association formed their own insurance company. Our dedication to personalized service—and to honoring our Midwestern roots—has helped make Sentry part of one of the largest and most financially secure mutual insurance groups in the United States. Our customers work in a wide range of industries, including transportation, manufacturing, metalworking, construction, auto dealerships, and more. Many of them have been with us for decades. From 401(k) plans and general liability, to commercial property and workers’ compensation, we offer solutions that can help protect your business and your employees. We are headquartered in Stevens Point, Wisconsin, and have offices located across the United States. With more than $25 billion in assets, an $8 billion* policyholder surplus, and an A+ (superior) rating from AM Best,** the industry’s leading rating authority, we can help provide you peace of mind. To learn more about us, the industries we serve, and the products we offer, visit sentry.com. The content provided here is for informational purposes only: https://www.sentry.com/footer/legal-disclaimer. *Assets and policyholder surplus are as of December 31, 2023, and represent the aggregate total for all members of the Sentry Insurance Group and are not reflective of any individual underwriting company. https://www.sentry.com/-/media/sentry-insurance/home/about-us/annual-report-2023/2023-sentry-year-in-review.ashx **Sentry has an AM Best Financial Strength Rating (FSR) of A+ (superior), current as of June 2024. For details about AM Best’s rating scale, see ambest.com/ratings/guide.pdf.
Similar Jobs
Senior Security Engineer (Application & Platform Security)
Top Benefits
About the role
- The Security Team is responsible for securing all things Sentry: our customers, our code, and everything in between
- We are a small but growing team with broad scope, high trust, and the autonomy to tackle hard security problems with creativity and an engineering mindset
- We work at a company with a strong developer culture, building a product that millions of developers genuinely love and rely on
- That context shapes everything about how we operate
- As a Senior Security Engineer on this team, you’ll work across application and platform security domains
- You’ll own and shape the practices that keep Sentry secure as we grow: security reviews, threat modeling, vulnerability management, and embedding secure coding practices into an engineering organization that cares about doing things right
- You’ll partner closely with product and engineering teams to influence how features are designed and built from the start
- You will work as a technical collaborator who helps make the secure path the obvious one
- As Sentry expands our agentic product capabilities and development practices, you’ll also find yourself at the frontier of a new set of security challenges
- Own and mature Sentry’s security review program. From secure code review, to architecture review, and threat modeling. You will build processes, tooling, and culture which makes security a natural part of how we ship and operate
- Influence mature vulnerability management practices. Intake, triage, prioritization, remediation tracking, and management of our bug bounty and responsible disclosure program
- Champion secure-by-design principles. Partner with engineering and product teams to embed security early in the development lifecycle and integrate security tooling into developer and CI/CD workflows
- Validate and reproduce application and infrastructure security findings. Scanning, manual testing, coordinate penetration testing and vulnerability validation across Sentry’s application, SDKs and cloud-based platform
- Evaluate and respond to emerging threats relevant to application security Sentry. We build and operate a complex application and cloud environment, including the novel attack surface introduced by Sentry’s agentic product features and AI-assisted engineering practices
Benefits
- Competitive Compensation + Equity
- 401k Plan
- Medical, Dental, Vision Insurance
- Commuter Stipend
- Professional Development Stipend
- Health & Wellness Benefits
- Charitable Matching Program
- Flexible PTO
- Paid Parental Leave- Enjoy operating cross-functionally, building relationships, and influencing with technical expertise, and shaping how security gets done across a fast-moving engineering organization
- Get excited when something new lands on your desk, be it an interesting vulnerability, a sweet exploit, a novel agentic architecture, an unfamiliar cloud primitive, or a bug class you haven’t seen before
- Reach for automation first, you’d rather build a scalable, systematic solution to a security problem than solve it manually a hundred times
- Thrive with real ownership, you prefer to build and drive work end-to-end, you’re energized by the autonomy that comes with being on a small, high-trust team
- Love working in an developer-forward culture where your colleagues are builders who care deeply about code quality and customer satisfaction
- 5+ years of industry experience designing, building, securing complex applications and large-scale distributed cloud systems
- Direct experience with security reviews, SDLC practices, secure CI/CD, architecture reviews, threat modeling, vulnerability management, bug bounty and responsible disclosure programs
- Degree in Computer Science or a related field, equivalent training, or professional experience
- A collaborative approach to problem solving paired with strong written and verbal communication
- Experienced and comfortable programming in at least one language, must be comfortable reviewing Python, Typescript, Go, Rust applications
- Familiarity with using distributed cloud technology (AWS, GCP, Azure, Kubernetes, Docker, Terraform, etc.) and securing those technologies (cloud networking, IAM, etc.)
- Not sure if you meet 100% of the qualifications? We encourage you to apply anyway. We’re interested in people are excited about this opportunity and eager to grow
Not the right fit? Search for Security Engineer jobs in Toronto, Ontario, Canada {{REMOTE}}
About Sentry
Your business. Your employees. Your peace of mind. At Sentry, we understand what matters most to you. Because we've spent the last 120 years building trust with our customers—one conversation at a time. We got our start in 1904, when members of the Wisconsin Retail Hardware Association formed their own insurance company. Our dedication to personalized service—and to honoring our Midwestern roots—has helped make Sentry part of one of the largest and most financially secure mutual insurance groups in the United States. Our customers work in a wide range of industries, including transportation, manufacturing, metalworking, construction, auto dealerships, and more. Many of them have been with us for decades. From 401(k) plans and general liability, to commercial property and workers’ compensation, we offer solutions that can help protect your business and your employees. We are headquartered in Stevens Point, Wisconsin, and have offices located across the United States. With more than $25 billion in assets, an $8 billion* policyholder surplus, and an A+ (superior) rating from AM Best,** the industry’s leading rating authority, we can help provide you peace of mind. To learn more about us, the industries we serve, and the products we offer, visit sentry.com. The content provided here is for informational purposes only: https://www.sentry.com/footer/legal-disclaimer. *Assets and policyholder surplus are as of December 31, 2023, and represent the aggregate total for all members of the Sentry Insurance Group and are not reflective of any individual underwriting company. https://www.sentry.com/-/media/sentry-insurance/home/about-us/annual-report-2023/2023-sentry-year-in-review.ashx **Sentry has an AM Best Financial Strength Rating (FSR) of A+ (superior), current as of June 2024. For details about AM Best’s rating scale, see ambest.com/ratings/guide.pdf.