Senior Security Engineer

7shifts is a scheduling and payroll platform designed to help restaurant teams thrive. With an easy-to-use app and industry-specific solutions, 7shifts saves time, reduces errors, and helps keep costs in check for over 55,000 restaurants. Our mission is to simplify team management and improve performance for restaurants, with a long-term vision of creating a thriving restaurant industry through the power of connected & engaged teams.

As a Senior Cloud Security Engineer at 7shifts, you won't just maintain our security posture, you'll raise it. Working closely with engineering squads, infrastructure, and every team in between, you'll automate what's manual, secure what's growing fast, and help us build security into the way we work rather than bolting it on after. Reporting to our Director of Information Security and Privacy, you'll own meaningful work across cloud security, SOC 2, and the AI tooling frontier, at a company that actually moves fast enough to make it interesting.

• Replace manual SOC 2 evidence collection with automated drift detection by building Security-as-Code directly into our GCP/GKE environment
• Partner with engineering squads to embed security into the Definition of Done, so it ships with the feature, not after
• Engineer and tune Datadog SIEM detections to cut noise, surface what matters, and route high-fidelity alerts straight to #secops
• Reduce PII exposure in real troubleshooting workflows by building masking and synthetic data tooling that developers actually want to use
• Own vulnerability management end-to-end, from identifying risks to implementing mitigations across the org
• Lead incident response when it counts and run tabletop exercises so the team is ready before it does
• Evaluate and onboard new security tooling by running POCs, gathering requirements, and making calls that move us forward without slowing teams down
• Assist with execution and deliverables pertaining to Information Security roadmap
• React promptly, decisively, and independently in high-stress situations

• 5+ years implementing security controls and operations in a SaaS environment
• Hands-on with Google Cloud Platform (GCP) and Google Kubernetes Engine (GKE), and comfortable securing the CI/CD pipelines and Git Hub Actions workflows that engineering teams actually ship through
• Real experience seeing a SOC 2 audit through to completion, not just participating in one
• Actively using AI tooling in your work today, with the judgment to help teams adopt it quickly and the instinct to know where it introduces risk
• Know your way around Infrastructure-as-Code and can spot a misconfiguration before it becomes a problem
• Understand how modern software gets built, including PR processes, and can work within them without slowing anyone down
• A strong communicator who can translate complex security tradeoffs clearly to engineers, executives, and everyone in between
• A creative problem solver who figures things out even when the resources, the team, or the playbook aren’t there yet

• Proficient in Python or Go for security automation, with the ability to read and understand code, experience with PHP or Elixir is a significant advantage in our environment
• Deep familiarity with security technologies, including SIEM, and hands-on experience with Datadog for observability-driven security
• Solid grounding in application security, threat and risk assessments, and security risk management, with exposure to bug bounty programs as a plus

This role is an existing vacancy and is part of our current hiring plan

The base compensation range for this position is CAD $130,000- CAD $160,000 annually. This range reflects the full growth path for the role, from building core skills to accomplished performance, through to role mastery. We typically target the accomplished level when hiring externally. At this level, individuals bring relevant experience in the role, demonstrate strong job-related skills, operate with confidence and consistency, and are able to deliver impact with limited ramp-up while still having meaningful opportunity to grow.

Compensation at 7shifts is performance and growth-driven. As you develop your skills and expand your impact over time, your compensation grows with you. Your specific placement within this range is based on your job-related skills, knowledge, and experience, as well as our internal equity assessment. We are always happy to discuss our approach throughout the hiring process.

• Opportunity: Our product is evolving in exciting ways, and we're focused on delivering even more value to restaurants. This momentum creates real opportunities to learn and grow. Whether you're honing your craft or exploring new paths, you'll be supported and empowered to own your growth and impact a product shaping the future of the restaurant industry.
• Challenge: We're tackling real problems in a fast-moving, complex industry. The work is scrappy and ambiguous, but…