Security Automation Engineer, 18-month Term

About Kinaxis
Are you looking to join an innovative, market-leading company where you can truly elevate your career? At Kinaxis we are serious about culture, we are serious about technology, we are serious about customers, and we are serious about not taking ourselves too seriously. If you are looking to be part of an incredible growth story, then we might just be the place for you!
In 1984, we started out as a team of three engineers. Today, we have grown to become a global organization with over 2000 employees around the world, 6 global office and a best-in-class HQ in Ottawa, Canada. As winners of several Top Employer awards globally, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today.
Kinaxis is a global leader in modern supply chain orchestration, powering complex global supply chains, and supporting the people who manage them. Our powerful, AI infused platform provides full transparency and visibility across end-to-end supply chains, enabling our customers to make faster, better decisions. We are trusted by renowned global brands to provide the agility and predictability needed to navigate today’s volatility and disruption. With more than 40,000 users in over 100 countries, we are expanding our team as we continue to innovate and revolutionize how we support our customers.
Location
Ottawa, Canada- Hybrid
Other Canadian locations- Remote
About The Role
The Security Automation Engineer designs, builds, and operates automated security capabilities across a hybrid enterprise environment spanning on-premises infrastructure and public cloud platforms. This is a hands-on, builder-oriented role focused on eliminating manual security effort by embedding security guardrails, detections, and remediation directly into platforms, pipelines, and operational workflows.
In this role, you will own the automation and orchestration layer of the security program , working closely with infrastructure, platform, data, and application engineering teams to ensure security is continuous, scalable, and enforced through code . You will have strong software engineering experience with deep security domain expertise across cloud, Kubernetes, CI/CD, data platforms, and modern AI workloads.
Vacancy Status
This is an existing job vacancy
What you will do
Security Automation & Engineering

• Design and implement event-driven, API-first security automation for detection, response, and preventative controls.
• Build reusable automation frameworks and libraries to enforce security standards across environments.
• Replace manual security processes with code, workflows, and orchestration integrated into enterprise platforms.

Infrastructure as Code (IaC) & Policy Automation

• Enforce security guardrails via policy ‑ as ‑ code (OPA/Gatekeeper, Terraform, Sentinel, cloud-native policy engines).
• Automate scanning, validation, approval gates, and auto-remediation for IaC drift and misconfigurations.
• Develop secure, IaC modules that embed security by default.

Container Security Automation

• Automate cluster and workload hardening (RBAC validation, admission control, policy enforcement).
• Integrate image scanning, signing, and deployment validation into CI/CD.
• Automate runtime signal collection and response for container workloads CI/CD & Software Supply Chain Security
• Embed security automation into CI/CD pipelines (SAST, SCA, DAST, secrets detection, IaC scanning).
• Implement policy ‑ based gates and automated failure handling.
• Automate SBOM generation, artifact signing, provenance checks, and attestation enforcement.

GitHub Security Engineering

• Automate GitHub Enterprise security controls: including repository standards, branch protections, code scanning, secret scanning, and dependency management.
• Enforce least ‑ privilege access and token hygiene via automation.
• Integrate GitHub security telemetry into SIEM and SOAR pipelines.

Databricks & Data Platform Security

• Automate Databricks workspace and cluster security (policies, permissions, secret scopes, token lifecycle).
• Enforce data access guardrails and monitor for anomalous behavior.
• Integrate Databricks telemetry into centralized logging and detection systems.

Vulnerability Automation & Remediation

• Build automated pipelines that prioritize, route, and remediate vulnerabilities based on risk context.
• Integrate vulnerability data with ticketing, CI/CD, and config management systems.
• Develop self ‑ service remediation workflows for engineering teams.

Security Operations & Orchestration

• Design and develop SOAR playbooks and automations for common and high ‑ impact security events.
• Integrate signals from cloud platforms, endpoints, identity systems, Kubernetes, and CI/CD into SIEM.
• Continuously tune detections to improve signal quality, reduce noise, and support analyst efficiency.
• Embed automated security checks into change management workflows, including pre ‑ change validation and post ‑ change. verification.

What we are looking for
Primary Skills And Qualifications

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or equivalent practical experience.
• 5–7+ years of experience in security engineering, site reliability engineering (SRE), or software engineering with a strong security focus.
• Strong software engineering mindset with the ability to design, build, and operate production systems.
• Proven ability to balance security rigor with delivery speed and business outcomes.
• Experience operating production ‑ grade systems with uptime, telemetry, and reliability requirements.
• Strong collaboration skills with a demonstrated ability to enable engineering teams rather than block delivery.
• Excellent written and verbal communication skills, with the ability to clearly articulate complex technical concepts.
• Ability to work effectively in a fast ‑ paced, global environment with shifting priorities.
• Preferred Certifications
• CCSP, CISSP, CKS
• Azure or GCP Security Specialty
• GIAC certifications relevant to cloud or automation security

Role Specific Skills And Experience

• Strong software engineering skills: Python (preferred), Go or Java; REST APIs; event ‑ driven systems.
• Infrastructure as Code (Terraform, CloudFormation etc.) with policy ‑ as ‑ code enforcement.
• Strong knowledge of CI/CD security automation (GitHub Actions, Azure DevOps, GitLab).
• Hands-on experience with Kubernetes security (admission control, PSS, network policy, signing, runtime security).
• GitHub Enterprise security configuration and automation.
• Databricks security architecture and automation.
• AI / LLM workload security and usage controls.
• Vulnerability management automation and remediation pipelines.
• Identity ‑ first security (IAM, workload identity, key & secret lifecycle).

#Senior;
Work With Impact:
Our platform directly helps companies power the world’s supply chains. We see the results of what we do out in the world every day, when we see store shelves stocked, when medications are available for our loved ones, and so much more.
Work with Fortune 500 Brands:
Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Lockheed Martin, Unilever, P&G, ExxonMobil, Cisco and more.
Social Responsibility at Kinaxis:
Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and we’re committed to a long-term net-zero operations strategy. We are involved in our communities and support causes where we can make the most impact.
People matter at Kinaxis and here are some of the perks and benefits we offer, which may vary by location and employee:

• Flexible vacation and Kinaxis Days (company-wide days off)
• Flexible work options
• Physical and mental well-being programs
• Regularly scheduled virtual fitness classes
• Mentorship programs, training, and career development
• Recognition programs and referral rewards
• Hackathons

For more information, visit the Kinaxis website at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com .
Kinaxis welcomes candidates to apply to our inclusive community. We provide accommodations upon request to ensure fairness and accessibility throughout our recruitment process for all candidates, including those with specific needs or disabilities. If you require an accommodation, please reach out to us at recruitmentprograms@kinaxis.com. This contact information is for accessibility requests only and cannot be used to inquire about the status of applications.
Kinaxis is committed to ensuring a fair and transparent recruitment process. We use artificial intelligence (AI) tools in the initial step of the recruitment process to compare submitted resumes against the job description to identify candidates whose education, experience, and skills most closely match the requirements of the role. After the initial screening, all subsequent decisions regarding your application, including final selection, are made by our human recruitment team. AI does not make any final hiring decisions.