As a Lead Security Engineer, you will mentor and develop a security team, driving initiatives in DevSecOps and AppSec, while ensuring security across the development lifecycle.
At Fullscript, we’re not just changing healthcare—we’re making it whole.
We help 100,000+ healthcare practitioners support 10 million patients with a platform that delivers evidence-based health solutions, diagnostic support, and practitioner tools—all in one place.
Healthcare today is disconnected. We’re fixing that. Fullscript makes it easier for practitioners to treat the whole person, not just symptoms, so patients get the support they need—when they need it.
We’re building a better way—one where healthcare is connected, complete, and built for impact.
The Role
We’re looking for an experienced Lead Security Engineer to help shape and strengthen Fullscript’s security posture. You’ll play a key role in embedding security across our development lifecycle, leading initiatives in DevSecOps, AppSec, GRC, security operations, and incident response.
This is an opportunity to tackle real-world security challenges, develop scalable security strategies, and work cross-functionally to ensure security is built into everything we do.
What You'll Do:
- Lead and mentor a security engineering team while partnering with teams like Engineering and IT to embed security throughout our development lifecycle.
- Define and implement security best practices, combining practical recommendations with automated guardrails.
- Drive security initiatives and provide technical guidance for infrastructure decisions, ensuring security is considered from design through implementation.
- Establish and optimize security triage processes, including SLAs, severity frameworks, and remediation protocols.
- Review feature designs and technical approaches to ensure features are developed with security in mind.
- Grow and expand our purple team capabilities.
- Sharing your knowledge and expertise with our developer community.
What You Bring:
- Demonstrated success mentoring and developing security engineering teams.
- Experience partnering with cross-organizational teams to drive security initiatives.
- Proven ability to translate complex security concepts for diverse technical audiences.
- Track record of building and optimizing security triage processes.
- Hands-on coding experience in at least one modern programming language.
- Understanding of industry frameworks (SOC2, PCI, HIPAA, HITRUST, NIST).
Bonus Points
- Background in automation and infrastructure as code (Terraform, CloudFormation).
- Container security and Kubernetes ecosystem security.
- Implementation of cloud security platforms (Wiz) and SIEM solutions.
- Compliance automation and continuous control monitoring (Drata).
- Edge security (WAF).
- Experience securing Ruby on Rails and Javascript applications.
- Experience in securing APIs (GraphQL).
- Experience with pen-test software (Burpsuite).
- Experience with software threat modelling.
- Database security best practices (MySQL, Postgres).
- Experience with security tooling integration in CI/CD pipelines (GitLab, GitHub Actions).
- Advanced Linux/Unix systems security.
What You Get:
- Flexible PTO & competitive pay—because balance fuels performance.
- RRSP match & stock options—invest in your future.
- Customizable benefits—flexible coverage, paramedical services, and an HSA.
- Fullscript discounts—save on high-quality wellness products.
- Continuous learning—training budget + company-wide initiatives.
- Wherever You Work Well—hybrid and remote flexibility.
Why Fullscript?
Great work happens when people are supported, challenged, and inspired. Here, you’ll be part of a team that:
⬦ Values innovation—we push boundaries and always look for better ways.
⬦ Supports growth—through learning, mentorship, and meaningful work.
⬦ Cares about balance—with flexible work options and time off when you need it.
📌 Apply now—let’s build the future of healthcare, together.
Fullscript is an equal-opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request—email [email protected] for support.
Before joining the team, all candidates who receive and accept an offer will complete a background check.
We use AI tools to support parts of our hiring process, like screening and reviewing responses. Final decisions are always made by people. This process complies with privacy and employment laws across Canada and the U.S.
------
🚀 MORE INFO: www.fullscript.com | www.rupahealth.com | Follow us on social media @fullscriptHQ
🔥 IN THE NEWS: Fullscript acquires Rupa Health
📺 Let’s make healthcare whole
Top Skills
Appsec
Burpsuite
CloudFormation
Devsecops
Drata
Github Actions
Gitlab
GraphQL
Grc
JavaScript
Kubernetes
Linux
MySQL
Postgres
Ruby On Rails
SIEM
Terraform
Unix
Wiz
Fullscript Ottawa, Ontario, CAN Office
360 Albert St suite 200, Ottawa, ON, Canada, K1R 7X7
Similar Jobs
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
The Principal Engineer will lead technical decisions and solution designs for marketing CRM platforms, focusing on Salesforce integration and team management to enhance patient outcomes through innovative digital solutions.
Top Skills:
APIsAWSCi/CdOpen Api 3.0PostmanSalesforce Data CloudSalesforce Marketing CloudSnowflake
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Intern role involving data collection and analysis on cybercriminal activities, supporting cybersecurity operations and composing written assessments.
Top Skills:
PythonRSQL
Digital Media • Gaming • Information Technology • Software • Sports • Esports • Big Data Analytics
Lead a team of mobile engineers to build features for DraftKings applications, mentor team members, and drive technical discovery.
Top Skills:
JavaKotlinObjective-CSwift
What you need to know about the Ottawa Tech Scene
The capital city of Canada and the nation's fourth-largest urban area, Ottawa has proven a rapidly growing global tech hub. With over 1,800 tech companies, many of which are leaders in their sectors, the city's tech talent now makes up more than 13 percent of its total workforce. This growth is driven not only by the big players like UL Solutions and Dropbox, but also by a thriving startup ecosystem, as new businesses emerge to follow in the footsteps of those that came before them.
