Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Offensive Security Engineer

$130k - $140k per year

Synechron

Role

Candidate will work hands‑on alongside our cybersecurity engineering and application security teams to build, operate, and advance the agentic AI systems that find, exploit, and remediate vulnerabilities end‑to‑end across our application and infrastructure estate.

Operating at a principal engineer level, the candidate will personally direct frontier AI models to discover vulnerabilities in production code, develop proof‑of‑concept exploits, generate and validate fixes, and integrate them into CI/CD pipelines with safe human‑in‑the‑loop controls. The candidate will also build reusable AI skills, prompts, and tooling that make agentic vulnerability management efficient and scalable across the estate.

The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Toronto, ON is CAD $130k – CAD $140k/year & benefits (see below).

Responsibilities

  • Architect and operationalize the end‑to‑end agentic AI patching pipeline spanning detection, fix generation, automated testing, and release across SAST, DAST, SCA, IAST, container, and server vulnerabilities.
  • Use frontier AI models to discover novel vulnerabilities in production application and infrastructure code, develop proof‑of‑concept exploits, and validate that AI‑generated fixes close the underlying root cause.
  • Build and maintain the library of reusable AI skills, prompts, evaluation harness, and tooling that power agentic vulnerability discovery, triage, remediation, false‑positive analysis, and exemption workflows at scale.
  • Design and operationalize AI‑driven false‑positive analysis and exemption processes to reduce manual triage burden and surface only actionable findings to development teams.
  • Conduct hands‑on penetration testing and red team exercise against critical applications and infrastructure to validate defensive controls and agent‑generated remediations.
  • Extend agentic remediation coverage across SAST, SCA, DAST, IAST, container, and server vulnerabilities, including the data and tooling needed to connect findings back to source.
  • Design agent prompting, guardrails, evaluation frameworks, and appropriate human‑in‑the‑loop controls to ensure safe autonomous code changes, testing, and deployment.
  • Drive integration of agentic remediation into enterprise CI/CD pipelines (GitHub, Jenkins, etc.) across the deployment landscape.
  • Communicate technical design, risk trade‑offs, and delivery progress clearly to senior stakeholders including CIO, CISO, 2LOD, and Audit functions.

Requirements

  • 10+ years hands‑on experience across software engineering, offensive security, and defensive security at a principal engineer level, with demonstrated personal contributions to production codebases and published vulnerability research or penetration testing engagements.
  • Deep fluency in vulnerability classes including memory safety, injection authentication and authorization flaws, cryptographic misuse, deserialization, race conditions, and supply chain attacks, with hands‑on experience finding and exploiting each.
  • Extensive hands‑on experience with penetration testing, red teaming, exploit development, reverse engineering, and secure code review against OWASP Top 10 and SANS 25, combined with defensive engineering experience building detection and remediation capabilities.
  • Extensive hands‑on experience with application security testing tools (SAST, DAST, IAST, SCA), including tuning, false‑positive analysis, exemption workflow design, and enterprise vulnerability management at scale.
  • Deep technical fluency with agentic AI coding tools and frameworks (Claude, Devin, Copilot, Windsurf, Cursor, MCP_, including prompt engineering, agent orchestration, reusable skill and tool design, guardrail design, and evaluation).
  • Strong architectural knowledge of modern CI/CD, container platforms (Docker, Kubernetes), cloud‑native deployment patterns, and integration of security automation into developer workflows.

Preferred

  • Relevant security certifications (OSCP, OSCE, OSEP, GXPN, GWAPT, CISSP, or equivalent).
  • Experience in financial services or highly regulated industries with exposure to SOX, SOC1, and regulatory audit.
  • Public evidence of offensive capability: published CVEs, bug bounty track record, conference talks (DEFCON, Black Hat, Offensive Con, Recon), CTF placements, or open‑source security tooling contributions.
  • Hands‑on experience with enterprise vulnerability tooling (Tenable, Aqua, Snyk, BrightSec) and remediation at scale.
  • Demonstrated ability to advise senior technology leaders and deliver within complex, multi‑stakeholder enterprise environments.

Benefits

  • A multinational organization with 57 offices in 22 countries and the possibility to work abroad.
  • 15 days (3 weeks) of paid annual leave plus an additional 10 days of personal leave (floating days and sick days).
  • A comprehensive insurance plan including medical, dental, vision, life insurance, and long‑term disability.
  • Flexible hybrid policy.
  • RRSP with employer’s contribution up to 4%.
  • A higher education certification policy.
  • On‑demand Udemy for Business for all Synechron employees with free access to more than 5000 curated courses.
  • Coaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellence (CoE) groups.
  • Cutting edge projects at the world’s leading tier‑one banks, financial institutions and insurance firms.
  • A truly diverse, fun‑loving and global work culture.

All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.

#J-18808-Ljbffr
Vacancy posted 5 hours ago
Similar jobs that could be interesting for youBased on the Offensive Security Engineer in Toronto, ON vacancy
  •  ...offers the opportunity to work on complex security challenges within a highly regulated and...  ...Strong software development and complex engineering experience Red teaming experience...  ...with Burp Suite, Metasploit, and other offensive security tools Responsibilities and Job... 
    Suggested
    Contract work
    Work at office
    Remote work

    Covenant HR

    Toronto, ON
    8 days ago
  • $62k - $99.5k per year

     ...Responsibilities:*** Perform security assessments, including static...  ...security best practices, including secure development and cloud...  ...:*** BS in Computer Science, Engineering, or related field or equivalent...  ...relevant certifications such as Offensive Security Web Assessor (OSWA),... 
    Suggested

    Rsm Us Llp.

    Toronto, ON
    8 days ago
  • $98k - $167k per year

    Cyber Security Manager - Penetration Tester 2 weeks ago Be among the...  ..., penetration testing, and secure architecture reviews of a variety...  ...penetration testing, social engineering campaigns (email, web, phone,...  ...Penetration Tester (GPEN); Offensive Security Certified Professional... 
    Suggested
    Full time

    RSM Canada

    Toronto, ON
    8 days ago
  • $80k per year

    Engineering Full Time Toronto, ON Hybrid $80,000 CAD per year “We’re...  ...lands twice. Compound a real security culture by inoculation. Run...  ...partner with every team so secure defaults become the obvious choice...  ...re looking for 3+ years in offensive security, red teaming,... 
    Suggested
    Full time
    Work at office
    Immediate start
    Day shift

    Pheedloo

    Toronto, ON
    8 days ago
  • $130k - $160k per year

     ...Responsibilities Conduct threat modeling and security design reviews for new and changing...  ...; provide actionable guidance to engineering and product teams. Own incident triage...  ...solutions that improve detection, response, and secure design (e.g., logging/SIEM, SOAR, runtime... 
    Suggested
    Long term contract
    Temporary work
    Work at office
    Local area
    Remote work
    Flexible hours

    Dormont Manufacturing Co

    Toronto, ON
    8 days ago
  • $100k - $120k per year

     ...upheld the highest standards of innovation, engineering excellence and customer service. It...  ...carrier-grade Ethernet Expertise in network security IPsec, MACsec, TLS, PKI Key management...  ...leadership Engage with vendors for secure product selection, testing, and lifecycle... 
    Long term contract
    Worldwide

    Tata Consultancy Services

    Toronto, ON
    8 days ago
  •  ...This is a remote position. Senior Cyber Security Specialist-Offensive Security Location: Remote (Canada) Experience...  ...of-concept exploits where required Work with engineering teams on remediation and secure SDLC Provide clear technical risk analysis... 
    Full time
    Contract work
    Remote work

    Trident Staff

    Toronto, ON
    8 days ago
  • $133k - $173k per year

     ...with operations throughout North America, Central America, Europe, Australia, and Japan. Movable Ink is hiring a Product Security Engineer to help secure our codebases, CI/CD pipelines, and development practices. To succeed in this role, you'll balance a security-first... 

    Movable Ink

    Toronto, ON
    8 days ago
  • Cloud Security Engineer We are seeking a Cloud Security Engineer with deep AWS expertise to secure our cloud infrastructure, applications, and workloads. This role is responsible for designing and implementing security controls, ensuring compliance, and integrating security... 

    Momentum Financial Services Group

    Toronto, ON
    8 days ago
  • Senior Security Engineer At Cognichip, we are building the next-generation IDE to empower semiconductor...  ...with high-performance simulation engines. We are seeking an experienced Security...  ...environments to enable engineering teams with secure defaults, templates, and self‑service... 

    Cognichip

    Toronto, ON
    8 days ago
  •  ...organizations worldwide. Work Location: Toronto, Ontario - 3 days office Role Summary We are seeking a highly experienced Network Security & Network Data Professional with deep expertise in switching, routing, modern network technologies, SD‑WAN, and enterprise‑grade... 
    Work at office
    Worldwide

    HCLTech

    Toronto, ON
    2 days ago
  • Job Description Insight Global is seeking a senior security infrastructure engineer to join their security operations team in a hands on implementation capacity. This is not purely an operational monitoring role, it will require someone who is designing, deploying and configuring... 
    2 days per week
    1 day per week

    Insight Global

    Toronto, ON
    11 hours ago
  • Elevate AI security efforts at Cohere as a Security Software Engineer. Develop secure architecture and implement essential features to protect user data on a large scale. This role is crucial for ensuring secure user-facing software with Cohere’s North team. You will focus... 

    Cohere

    Toronto, ON
    5 hours ago
  • Join Diligent as an AI Engineer focused on designing automation systems for security and compliance. This role transforms manual processes using AI-driven solutions to improve efficiency. As an AI Engineer at Diligent in Toronto, you will develop innovative automation strategies... 

    Diligent

    Toronto, ON
    5 hours ago
  • Elevate your career at Sentry as a Senior Security Engineer, driving application and platform security in a collaborative hybrid setting. Contribute to shaping a more secure cloud application and Kubernetes platform. Sentry is seeking a Senior Security Engineer to fortify... 

    Dormont Manufacturing Co

    Toronto, ON
    2 days ago
  • Become a Security Automation Engineer at Faire, focusing on developing automated security solutions. Engage with cutting-edge technology to protect independent retailers worldwide. In this role, you will lead automation strategies within security controls while collaborating... 
    Worldwide

    Faire

    Toronto, ON
    5 days ago
  • A leading IT staffing firm in Toronto seeks a skilled developer to design and develop security software applications. The role requires a Bachelor's degree in a relevant field and over 5 years of experience in Java. Responsibilities include providing technical leadership and... 

    Collabera

    Toronto, ON
    8 days ago
  •  ...results, in an inclusive and high-performing culture. The Senior Security Engineer, Security Solutions Engineering will be responsible for...  ...leadership as a hands‐on developer and solution designer, building secure full‐stack solutions and integrating AI capabilities that... 
    Flexible hours

    Scotiabank

    Toronto, ON
    8 days ago
  • Advance your career as a Network Security Engineering Specialist with Scotiabank, where you'll work on implementing and maintaining state-of-the...  ...in risk management and vulnerability assessments Create secure networks and protect Scotiabank's digital assets through innovative... 

    Scotiabank

    Toronto, ON
    8 days ago
  • Platform Security & Governance Engineer About the role Clinical research data is among the most sensitive data there is — participant information, safety records, regulatory documents, and the evidence trials are ultimately inspected on. MAESTRO's job is not only to protect... 
    Permanent employment
    Relocation

    RAN BioLinks

    Toronto, ON
    8 days ago
  •  ...incredible untapped potential that technology, built on Arm, can realize. Our ambitious global team of over 6000 pioneers unites hardware engineers, software engineers, data analysts, and more – all driven by a once-in-a-generation desire to unleash creativity and change the... 
    Internship

    Arm Limited

    Toronto, ON
    8 days ago
  • Join a Challenger At EQB, we're remaking banking so every Canadian gets ahead, every day. Serving nearly 4 million Canadians from coast to coast, we offer a wide variety of financial services from banking and lending, to trust and credit union solutions.  We've been at...
    Full time

    eqbank

    Toronto, ON
    13 days ago
  •  ...modern pentesting. Combining world‑class security professionals with AI and automation,...  ...and breadth in Android Malware Reverse Engineering as well as the soft skills to effectively...  ...Ghidra, IDA, jadx, etc. 3‑5 years of offensive security experience. Experience with... 
    Worldwide

    Ten Eleven Ventures

    Toronto, ON
    8 days ago
  • Join Tenable as a Security Engineer in Toronto, specializing in technical sales and customer engagement. Use your expertise to align security solutions with client business objectives. As a Security Engineer, you will identify technology opportunities and develop compelling... 

    Tenable

    Toronto, ON
    11 hours ago
  • Become a Hybrid Network Security Engineer in Toronto with a leading Canadian fintech firm. This role focuses on leading network security initiatives and collaborating with cross-functional teams. As a senior member of the team, you will direct network security efforts, analyze... 

    Canadian financial technology firm

    Toronto, ON
    5 hours ago
  • Become a key player in network security as a Sales Engineering Specialist. Provide technical expertise that drives customer satisfaction and solution alignment, all while working remotely anywhere in Canada. This role is designed for a mid-senior level professional eager... 
    Internship
    Remote work
    Flexible hours

    StealthWatch

    Toronto, ON
    8 days ago
  • Drive AI security innovations as a Security Engineer at Homebase, focusing on secure development and threat modeling for AI-driven applications. Make a significant impact within a growing team. In this role, you will need a deep understanding of application security and... 
    Work from home

    Homebase

    Toronto, ON
    8 days ago
  • Shape security strategies at Rates.ca as the Senior Manager of Security Engineering. In this in-office position, focus on risk reduction via compliance and advanced cyber measures...  ...workflows, manage vendor risks, and implement secure SDLC standards. You will significantly... 
    Work at office

    Rates.ca

    Toronto, ON
    8 days ago
  • Take the lead in implementing advanced micro-segmentation solutions as a Network Security Engineer specializing in Guardicore/Akamai for a high-profile financial client. This senior role enhances infrastructure security. In this significant position, you’ll draw on your... 

    BeachHead Inc.

    Toronto, ON
    8 days ago
  • Are you ready to lead advanced security initiatives with innovative micro-segmentation solutions? Apply Now! Working with one of our top financial clients, this role calls for a Network Security Engineer - Guardicore/Akamai. You will be instrumental in designing and implementing... 

    BeachHead Inc.

    Toronto, ON
    8 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Offensive Security Engineer. Be the first to apply!