Canopy
Senior Security Engineer
South Jordan, UT Canopy is a fast-growing SaaS company in South Jordan, Utah building simple, efficient software for accounting firms. We are looking to revolutionize the accounting space with modern, user-friendly software for a neglected industry. We aim to help our clients unlock the firm they've always wanted with our Practice Management Suite. We place a strong emphasis on delighting our customers, spotting and solving problems, and being good people along the way. And we just secured $70M in Series C funding to help us fulfill that mission. The Opportunity We are seeking a Senior Security Engineer to lead and scale our security program with a primary focus on incident response, vulnerability management, and building out our SIEM. In this role, you'll not only defend against threats and harden our systems, but also help foster a security-aware culture through proactive communication and company-wide training initiatives. You'll work alongside Engineering, IT, DevOps, and other stakeholders to keep our environment safe and resilient. This can be a hybrid position in South Jordan, Utah (M, W, F in-office) or fully remote, but located within the state of Utah. What You'll Do Incident Response & Threat Detection Lead the detection, triage, investigation, and resolution of security incidents. Build and improve incident response processes, runbooks, and tooling. Coordinate with cross-functional teams during incident handling and postmortems. Manage and tune alerting systems (SIEM, EDR, IDS/IPS) for early threat detection. Vulnerability Management Perform regular vulnerability assessments and track remediation efforts. Conduct security reviews of code, infrastructure, and third-party software. Partner with Engineering and DevOps to prioritize and fix security gaps. Establish and maintain secure configuration baselines. Cross-Team Security Collaboration Act as a trusted advisor to Engineering, IT, Product, and Compliance teams. Integrate security best practices into the SDLC and CI/CD pipelines. Provide architectural guidance on secure system design and deployment. Champion a culture of shared responsibility for security. Security Training & Awareness Develop and deliver security awareness programs for the company. Run hands-on security training tailored for engineering teams (e.g., secure coding, threat modeling). Security Engineering & Automation Build and maintain tooling for security monitoring, response, and enforcement. Automate detection and response workflows where possible. Analyze logs and telemetry for anomalies and indicators of compromise. Compliance & Governance Support Support technical implementations for compliance frameworks (SOC 2, ISO 27001, etc.). Collaborate with Risk and Compliance to enforce internal policies and external regulations. Contribute to internal audits, risk assessments, and vendor security reviews. What We're Looking For 5+ years of experience in security engineering, incident response, or a related role. Proven track record managing security incidents and remediating vulnerabilities. Proficiency in scripting or programming languages (e.g., Python, Go, Bash). Experience with tools like SIEMs (Splunk, Sumo Logic), EDRs, and vulnerability scanners. Strong knowledge of secure infrastructure (cloud, networks, endpoints, containers). Excellent communication skills with the ability to educate and influence others. We know many women do not apply for a job if they don't perfectly fit the description. We want you to apply anyway. Bonus Points If You Have Experience working in a modern SaaS, cloud-native, or DevOps-heavy environment. Industry certifications (e.g., OSCP, CISSP, GIAC) are a plus. Familiarity with compliance standards (e.g., SOC 2, ISO 27001, HIPAA). Why You Want to Work Here Flexible Paid Time Off - you're encouraged to use, plus 10 company holidays! Health Benefits - including Medical, Dental, and Vision and an HSA Match. 401(k) - we match 100% up to 3% of your contribution. Eligibility is immediate with 100% vesting. Mental Health - all employees have access to Impact Suite & to our Employee Assistance Program (EAP). Paid New Parent Leave & Birthing Parent Leave - so you're able to care for your little ones. Supplemental Benefits - including 100% company paid Basic Life & AD&D insurance and long & short-term disability coverage. Nectar - our peer-to-peer recognition program to help our employees recognize the amazing work being done by other Canopians! Company Events - including monthly company-wide meetings, summer parties, and more. ERG Committees - to plan initiatives around continuing education, community outreach, recruiting, onboarding, and more. Fully-stocked kitchen - Keto? Vegan? Flexitarian? Mandalorian? We've got you covered. Our Values We approach our work every day with a few things in mind: Own - we focus on outcomes, holding ourselves & each other accountable. Win - we win by delighting our customers with the very best products and services. Do Good - we work hard to be good people! Embrace Curiosity & Candor - we approach everything with curiosity & we understand that candor is kindness and give the gift of feedback. To learn more about us & our values, click here. Interviewing @ Canopy Application processes can be a little stressful. Here are the stages of a typical interview process at Canopy: Once your application is received, we will review it and get back to you if we feel like it's a mutual fit! 20-minute phone call with the People Team 45-60-minute video or in-person interview with the Hiring Manager 1-3 rounds of interviews, depending on the role Final Interview Interview processes can vary depending on the role. The People Team will give you a role-specific overview of the process during your first phone call. This is your interview too! We know candidates are evaluating us just as much as we are them. We encourage you to bring questions to each of your interviewsour hiring teams will always make sure to save time for questions at the end! Canopy is an equal-opportunity employer. Canopy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status, or veteran status.
South Jordan, UT Canopy is a fast-growing SaaS company in South Jordan, Utah building simple, efficient software for accounting firms. We are looking to revolutionize the accounting space with modern, user-friendly software for a neglected industry. We aim to help our clients unlock the firm they've always wanted with our Practice Management Suite. We place a strong emphasis on delighting our customers, spotting and solving problems, and being good people along the way. And we just secured $70M in Series C funding to help us fulfill that mission. The Opportunity We are seeking a Senior Security Engineer to lead and scale our security program with a primary focus on incident response, vulnerability management, and building out our SIEM. In this role, you'll not only defend against threats and harden our systems, but also help foster a security-aware culture through proactive communication and company-wide training initiatives. You'll work alongside Engineering, IT, DevOps, and other stakeholders to keep our environment safe and resilient. This can be a hybrid position in South Jordan, Utah (M, W, F in-office) or fully remote, but located within the state of Utah. What You'll Do Incident Response & Threat Detection Lead the detection, triage, investigation, and resolution of security incidents. Build and improve incident response processes, runbooks, and tooling. Coordinate with cross-functional teams during incident handling and postmortems. Manage and tune alerting systems (SIEM, EDR, IDS/IPS) for early threat detection. Vulnerability Management Perform regular vulnerability assessments and track remediation efforts. Conduct security reviews of code, infrastructure, and third-party software. Partner with Engineering and DevOps to prioritize and fix security gaps. Establish and maintain secure configuration baselines. Cross-Team Security Collaboration Act as a trusted advisor to Engineering, IT, Product, and Compliance teams. Integrate security best practices into the SDLC and CI/CD pipelines. Provide architectural guidance on secure system design and deployment. Champion a culture of shared responsibility for security. Security Training & Awareness Develop and deliver security awareness programs for the company. Run hands-on security training tailored for engineering teams (e.g., secure coding, threat modeling). Security Engineering & Automation Build and maintain tooling for security monitoring, response, and enforcement. Automate detection and response workflows where possible. Analyze logs and telemetry for anomalies and indicators of compromise. Compliance & Governance Support Support technical implementations for compliance frameworks (SOC 2, ISO 27001, etc.). Collaborate with Risk and Compliance to enforce internal policies and external regulations. Contribute to internal audits, risk assessments, and vendor security reviews. What We're Looking For 5+ years of experience in security engineering, incident response, or a related role. Proven track record managing security incidents and remediating vulnerabilities. Proficiency in scripting or programming languages (e.g., Python, Go, Bash). Experience with tools like SIEMs (Splunk, Sumo Logic), EDRs, and vulnerability scanners. Strong knowledge of secure infrastructure (cloud, networks, endpoints, containers). Excellent communication skills with the ability to educate and influence others. We know many women do not apply for a job if they don't perfectly fit the description. We want you to apply anyway. Bonus Points If You Have Experience working in a modern SaaS, cloud-native, or DevOps-heavy environment. Industry certifications (e.g., OSCP, CISSP, GIAC) are a plus. Familiarity with compliance standards (e.g., SOC 2, ISO 27001, HIPAA). Why You Want to Work Here Flexible Paid Time Off - you're encouraged to use, plus 10 company holidays! Health Benefits - including Medical, Dental, and Vision and an HSA Match. 401(k) - we match 100% up to 3% of your contribution. Eligibility is immediate with 100% vesting. Mental Health - all employees have access to Impact Suite & to our Employee Assistance Program (EAP). Paid New Parent Leave & Birthing Parent Leave - so you're able to care for your little ones. Supplemental Benefits - including 100% company paid Basic Life & AD&D insurance and long & short-term disability coverage. Nectar - our peer-to-peer recognition program to help our employees recognize the amazing work being done by other Canopians! Company Events - including monthly company-wide meetings, summer parties, and more. ERG Committees - to plan initiatives around continuing education, community outreach, recruiting, onboarding, and more. Fully-stocked kitchen - Keto? Vegan? Flexitarian? Mandalorian? We've got you covered. Our Values We approach our work every day with a few things in mind: Own - we focus on outcomes, holding ourselves & each other accountable. Win - we win by delighting our customers with the very best products and services. Do Good - we work hard to be good people! Embrace Curiosity & Candor - we approach everything with curiosity & we understand that candor is kindness and give the gift of feedback. To learn more about us & our values, click here. Interviewing @ Canopy Application processes can be a little stressful. Here are the stages of a typical interview process at Canopy: Once your application is received, we will review it and get back to you if we feel like it's a mutual fit! 20-minute phone call with the People Team 45-60-minute video or in-person interview with the Hiring Manager 1-3 rounds of interviews, depending on the role Final Interview Interview processes can vary depending on the role. The People Team will give you a role-specific overview of the process during your first phone call. This is your interview too! We know candidates are evaluating us just as much as we are them. We encourage you to bring questions to each of your interviewsour hiring teams will always make sure to save time for questions at the end! Canopy is an equal-opportunity employer. Canopy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status, or veteran status.