Who you’ll be joining.

At ecobee, we are committed to building innovative and secure smart home solutions. As an Intermediate Cloud Security Engineer, you will play a critical role in safeguarding our cloud infrastructure and services – implementing and managing security solutions in cloud environments focusing on AWS and GCP. You will be joining a small but growing security team with a wide range of expertise. Our team is responsible for all security from IT to application, privacy and compliance. 

Safeguarding our customers’ trust in us is ecobee’s top priority. Our challenges run from automating our systems and building continuous delivery environments, to supporting millions of simultaneous TCP sockets and ingesting nearly a terabyte of telemetry data a day. We aim to do this with high reliability and security in mind. If you are someone who enjoys finding creative solutions to complex cloud-based security challenges, then consider joining us in making connected home devices safer for everyone.

Though our hive is in Toronto, Ontario this role is open to being 100% remote within Canada. You may be required to travel to Toronto once per quarter for team and/or company events.

How you’ll make an impact:

• Regularly conduct thorough security audits of existing cloud assets using integrated security tooling to identify vulnerabilities and risks as well as develop mitigation solutions while maintaining functional efficiency.
• Architect and Implement security strategies for cloud-based applications, ensuring compliance with industry standard benchmarks (ISO 27001, ISO 27400, NIST CSF).
• Collaborate with cross-functional teams as stakeholders, advising and addressing risks while balancing product needs, focusing on security best practices and privacy-conscious results for all scales of problems, from small remediations to managing long-term projects.
• Close collaboration with SRE and engineering stakeholders across the business focusing on both new buildouts and hardening legacy infrastructure.
• Lead and coordinate educational initiatives for our engineers, encouraging a culture of continuous learning and curiosity, focusing on enhancing cybersecurity skills and awareness as it relates to cloud security.
• Embed security measures into the continuous integration and deployment pipeline. Working alongside engineering teams to ensure security is a core component of all cloud-based solutions.
• Utilize Terraform and Kubernetes, adhering to standard Infrastructure as Code (IaC) methodologies, to maintain and secure our cloud presence.
• Dive headfirst into our codebase, working with teams throughout engineering to develop microservice and API solutions that enhance cloud security within the constraints of embedded systems.

What you’ll bring to the table:

• At least 3 years of relevant cloud security experience, with hands-on experience in AWS and GCP environments.
• Proficiency in cloud operations, network architecture, Public Key Infrastructure (PKI), and cloud-native authentication mechanisms. Familiarity with cloud provider ecosystems and foundational services.
• A working background with Linux environments, TCP/IP networking, and with securing highly available Kubernetes workloads.
• Experience in developing software with high-level programming languages such as Python, JavaScript, TypeScript, Kotlin, Swift, Golang, Java.
• Expertise in building infrastructure using automation technologies like Terraform, Ansible, Docker.
• Familiarity with CI/CD management using GitHub Actions, CircleCI, and/or Jenkins.
• Experience with security incident response
• A strong understanding of web service architectures.
• A desire to improve DevSecOps practices across the organization.
• Excellent communication skills for interacting with, advising, and decomposing risk to various stakeholders.
• Strong analytical and troubleshooting abilities with effective teamwork orientation.
• A strong desire to mentor and educate engineers on various security topics.
• You codify everything, seek to automate toil, and are excited to share your knowledge to cultivate security champions.

Bonus points for:

• Security-related industry certifications, especially as it relates to the Cloud (AWS or GCP).
• Hands-on familiarity with leading, guiding, or mentoring business units through cybersecurity education initiatives, such as organizing Capture the Flag (CTF) events or using gamified platforms.

Interview Process (3 Rounds)

Round 1: A 30-minute phone call with a member of our talent acquisition team. An information gathering session to aimed at ensuring ecobee understands your background and skills, and that you understand the opportunity being offered by ecobee.

Round 2: A 90-minute virtual interview with the Security Engineering team for a discussion about your technical expertise.

Round 3: A 60-minute virtual interview with our Director of Security for a discussion on your values and business strategy.