Senior Cybersecurity Engineer / Developer

About Dialogue

Dialogue is the #1 virtual care provider in Canada. By developing our Integrated Health Platform🅫, we provide exceptional online health and wellness programs (primary care, mental health, iCBT, EAP, and wellness) to organizations that want to improve the wellness of their employees and families.

When it comes to our work, we set the bar high. Together, we’re transforming health and helping millions improve their well-being. We’re firm believers that great people don’t settle on:

• Impact
• Community
• Growth
• Excellence

Feel like you can make a difference? Good news, we saved you a seat! 

Come as you are. As a proud equal-opportunity employer, Dialogue is dedicated to creating a diverse and inclusive workplace for everyone. Qualified applicants will be considered regardless of citizenship, ethnicity, race, colour, religion, gender, gender identity or expression, sexual orientation, disability, age, or veteran status. Applicants who require specialized accommodation are encouraged to contact [email protected].

Your role as a Senior Cybersecurity Engineer / Developer

Reporting directly to the CISO, as a Senior Cybersecurity Engineer / Developer at Dialogue, you will be a key contributor in safeguarding our innovative healthcare platform and protecting the sensitive data of our users. You will leverage your deep technical expertise to design, build, and optimize security controls, ensuring the integrity, confidentiality, and availability of our systems and data. This role offers the opportunity to lead critical security initiatives, contribute to the development of our security strategy, and mentor other team members in a dynamic and impactful environment. In particular, we’re looking for candidates with experience implementing and automating security controls in cloud environments using IaC, backed by a strong security foundation to support broader security initiatives.

What you'll be doing

• Security Implementation and Enablement: Assist in identifying and remediating vulnerabilities across cloud, infrastructure, and applications; support security controls and monitoring in CI/CD pipelines; contribute to integrating best practices into Kubernetes, Terraform, and cloud workflows; and help automate security and operational tasks to streamline deployments
• Threat Intelligence: Proactively monitor and analyze security data to identify advanced threats and vulnerabilities. Develop actionable insights and key metrics (KRIs/KPIs) to strengthen our security posture
• Incident Response Management: Take ownership of leading security incident response, from initial investigation to full resolution. Conduct post-incident reviews to implement preventative measures
• Security Exercise Participation: Actively participate in planning and executing threat response drills and contribute to improving our business continuity and disaster recovery capabilities
• Risk and Vulnerability Assessment: As a Cybersecurity expert, participate in security assessments to identify vulnerabilities and recommend remediation strategies. Contribute to the security risk register, oversee security audits, and assess vendor security practices
• Security Awareness and Guidance: Lead the development of security awareness materials and provide expert guidance to IT and Engineering on cybersecurity program objectives and compliance

We'd love to hear from you if you have

• 5+ years of hands-on experience in security engineering, DevSecOps, or cybersecurity operations, with a proven track record of increasing responsibilities and a strong understanding of security principles, architectures, and best practices
• Demonstrated expertise and hands-on experience designing, implementing, and operating solutions across key security domains, including incident response, vulnerability management, network security, and identity and access management
• Significant experience securing cloud-based technologies (e.g., Okta, Auth0, AWS, DataGuard, GCP, Google Workspace) and a strong understanding of Zero Trust Network Access concepts
• Familiarity with cloud deployment workflows, containerized environments, and infrastructure-as-code concepts (e.g., Kubernetes, Terraform, CI/CD pipelines)
• Proficiency in scripting languages (e.g., Python, Bash) for automation and security analysis is a significant plus
• In-depth knowledge of cybersecurity frameworks and industry standards such as NIST CSF, OWASP, MITRE ATT&CK, and SSDLC
• Relevant information security certifications (e.g., CRISC, CISA, CISM, CGEIT, CISSP, CCSP) are considered a strong asset

Please note that as we serve customers across Canada, bilingualism is an asset for this position. You may be required to communicate in French and English.

At Dialogue, your well-being is our priority

Taking care of others also means taking care of our team! Depending on your role and employment status, you could have access to the following benefits:

• Access to the Dialogue app and virtual mental health support for you and your family
• Fully funded insurance, a health spending account, dental coverage, and fitness reimbursement
• 4 weeks vacation, 9 wellness days, and 1 volunteer day
• Hybrid work: 3 days/week in our Montreal or Toronto offices, excluding remote roles
• Work abroad up to 4 weeks/year
• Incentive plans, referral bonuses & RRSP matching
• Learning via Coursera, external training budget & mentorship
• Optional parental leave top-up