Security & Compliance Engineer

Job Title: Security & Compliance Engineer

Location: Toronto, ON (Hybrid)

Estimated Duration: Fulltime

Company Overview:
Join our visionary and rapidly growing AI x Biotech startup, based in the heart of Toronto. We are at the forefront of revolutionizing pharmaceutical development through the integration of machine learning, automation and advanced computing. Our team of scientists and engineers is dedicated to advancing drug development and improving patient outcomes.  As we embark on this exciting journey, we are seeking a talented and passionate Security and Compliance Engineer to join our founding team in our pursuit of transforming drug development.

Our Company Culture:
we believe in fostering an environment of collaboration, innovation, and continuous learning. Our team members are not only passionate about the work they do but also about creating a workplace that encourages inclusivity, adaptability, and mutual respect.

About the Role:
As a Security & Compliance Engineer, you will play a critical role in building and maintaining the security and compliance foundation of Intrepid Labs. You will be responsible for helping maintain our SOC 2 and ISO 27001 compliance programs, improving our cloud and application security posture, and supporting security reviews with enterprise partners and customers.
This role sits at the intersection of security engineering, DevSecOps, and compliance operations, and is ideal for someone who enjoys both technical implementation and working with cross-functional teams to ensure strong security practices across the organization.
You will work closely with engineering, infrastructure, and leadership teams to ensure security is embedded into our systems, processes, and culture as the company grows.

In this role, you will:

Security & Compliance

• Maintain and improve our SOC 2 and ISO 27001 compliance programs
• Manage security documentation, policies, and control evidence
• Coordinate internal and external audits
• Maintain risk registers and security control frameworks
• Track and remediate compliance gaps

Security Engineering & DevSecOps

• Integrate security best practices into CI/CD pipelines and engineering workflows
• Implement vulnerability scanning and monitoring tools
• Improve cloud security posture across our infrastructure
• Manage secrets, encryption policies, and access controls
• Support infrastructure security reviews and threat modeling

Security Operations

• Monitor security alerts and investigate potential incidents
• Maintain incident response procedures and playbooks
• Conduct periodic access reviews and security audits
• Manage vulnerability remediation workflows

Customer & Partner Security

• Respond to enterprise customer security questionnaires and reviews
• Work with partners and auditors on security documentation
• Help maintain security architecture documentation and trust materials

What you bring:

• Bachelor's or Master's degree with high distinction in Computer Science, Cybersecurity, Engineering, or a related field
• 3+ years of experience in security engineering, DevSecOps, or security compliance
• Experience working with security frameworks such as SOC 2, ISO 27001, or similar standards
• Experience with cloud platforms such as Azure, AWS GCP
• Familiarity with CI/CD pipelines and secure development practices
• Experience with vulnerability scanning and monitoring tools
• Strong documentation and communication skills

Why Join Us:

• Opportunity to lead and shape the future of pharmaceutical development.
• Collaborate with a team of accomplished experts across various disciplines.
• Work from the vibrant MaRS Discovery District in Toronto, fostering innovation and collaboration.

Competitive compensation package, including equity