Software Engineer - Security and Network Systems

About Qorsa

Qorsa Corp is a Canadian post-quantum cryptography and cybersecurity company building CasQade - a crypto-agile security platform designed to protect sovereign government, defence, financial, and critical infrastructure networks against current and emerging cryptographic threats. We are headquartered in Waterloo, Ontario, with a European subsidiary in The Hague, Netherlands. Our work spans post-quantum cryptography, cryptographic agility, hardware security, distributed systems, and AI-driven threat intelligence, with active engagements across Canadian defence, NATO, and allied partner organizations.

Job Summary

We are seeking a software engineer with strong systems programming and networking skills to join the CasQade engineering team. The successful candidate will build security infrastructure that operates in the network path - software that interposes on, inspects, and secures communications in real time - and will contribute across the platform's cryptographic services, protocol engineering, distributed systems, and deployment infrastructure. This role requires a strong foundation in Go, a solid understanding of network protocols, and the ability to reason about how systems behave under adversarial conditions. The team will provide deep domain exposure to post-quantum cryptography and cryptographic agility - what matters most is strong engineering fundamentals and the ability to learn fast in a technically demanding environment.

Responsibilities

• Build and maintain security infrastructure in Go that handles live network traffic, including interposition, protocol negotiation, and cryptographic upgrade of communications.
• Contribute to network discovery and assessment tooling that identifies cryptographic implementations, protocol configurations, and security posture across target networks.
• Implement and integrate post-quantum cryptographic primitives using libraries such as Cloudflare CIRCL and the Go standard crypto library.
• Contribute to cryptographic service infrastructure including certificate lifecycle management, key management, and trust chain operations.
• Develop platform APIs and services for the policy engine and orchestration components of CasQade.
• Contribute to distributed ledger components that provide tamper-evident audit and compliance capabilities.
• Write integration tests, build tooling, and contribute to CI/CD and deployment infrastructure as part of a small team where everyone works across the stack.
• Participate in code reviews, architecture discussions, and sprint ceremonies within an agile delivery cadence.
• Support deployment and hardening of CasQade in government, defence, and enterprise environments.

Qualifications

• Strong programming skills in Go (primary). This is the team's main language and the majority of your work will be in Go.
• Strong understanding of networking - TCP/IP, TLS, DNS, HTTP. Comfortable reasoning about what happens on the wire, debugging packet captures, and understanding how protocols negotiate and fail.
• Experience building backend services, APIs, or systems-level software - infrastructure that other systems depend on, not web applications.
• Understanding of security engineering principles - threat modeling, secure defaults, authentication and authorization patterns, and reasoning about failure under adversarial conditions.
• Familiarity with distributed systems concepts - consensus, replication, fault tolerance, and state management across unreliable networks.
• Comfort with Linux as a development and deployment environment.
• Ability to read and understand unfamiliar codebases quickly.
• Willingness to work across the stack - we are a small team and everyone contributes where the platform needs it.

Strong Assets

• Experience with C/C++ or Rust in addition to Go.
• Familiarity with cryptographic concepts - symmetric/asymmetric encryption, key exchange, digital signatures, certificate chains, PKI. Even coursework or personal projects count.
• Experience with TLS at the implementation level - handshake mechanics, cipher suite negotiation, extension handling.
• Experience with network scanning, protocol analysis, or security tooling.
• Familiarity with post-quantum cryptography concepts or the NIST PQC standardization process.
• Experience with distributed ledger platforms, smart contract development, or consensus protocol implementation.
• Experience with Kubernetes, Docker, or container orchestration.
• Experience designing or implementing protocol specifications.
• Previous work in or familiarity with Government of Canada IT security frameworks (ITSG-33, PBMM).
• Eligibility for Government of Canada security clearance (Secret level).

Canadian citizenship is required for this role due to the nature of our government and defence work. This is an on-site position based in Waterloo, Ontario, with periodic travel to Ottawa.

Pay: From $100,000.00 per year

Benefits:

• Dental care
• On-site parking
• Paid time off

Ability to commute/relocate:

• Waterloo, ON N2L 6R2: reliably commute or plan to relocate before starting work (preferred)

Application question(s):

• Are you eligible for a Government of Canada security clearance (Secret level)?

Work Location: In person