Information Security Specialist

Job description

Do you want to empower organizations to build smarter compensation strategies while ensuring fair pay for all employees?

Syndio is a Series C technology company leveraging advanced technology and responsible AI to accelerate decision-making, streamline compliance, and democratize insights for consistent, equitable compensation practices at scale. Backed by $83M in investments from Bessemer Venture Partners, Voyager Capital, and Emerson Collective, we are expanding our team and products to help companies align their rewards strategies with their business goals.

Our customers are our greatest asset. Syndio partners with many of the world’s most recognized and respected enterprises, helping them implement leading-edge compensation solutions with expert guidance. We analyze pay for over 10 million employees across dozens of countries, ensuring fair, defensible rewards that drive better business outcomes.

Join us in our mission to help companies make smarter pay decisions they can trust

About the Role

We’re looking for an Information Security Specialist who’s ready to take on the challenge of protecting our growing SaaS platform and our internal systems. If you’re passionate about cybersecurity, thrive in a fast-paced environment, love outsmarting threats, and partner with engineers to make our product and environment more secure, we want you on our team.

In this role, you’ll work closely with IT, compliance, engineering, and product teams to design and implement security measures that keep our systems safe and our business compliant. You’ll have the freedom to build, innovate, and strengthen our security posture—bringing deep security expertise, hands-on experience with modern architectures, and a strategic mindset to the table. If you’re someone who sees security as more than just policies and controls but as an opportunity to enable and empower a company, this is the role for you.

Why this job is exciting

• Build Security Foundations – Establish and enhance security measures across our SaaS platform and its supporting infrastructure.
• Cloud Network Security – Ensure secure API design and implementation, including authentication, authorization, and encryption practices for services and cloud-native architectures.
• Network Security – Maintain, deploy, upgrade, and troubleshoot cloud network security infrastructure solutions, including hybrid connectivity, firewalls, web application firewalls (WAFs), intrusion prevention and detection systems (IPS/IDS) tools to ensure a resilient and secure environment.
• Endpoint Security – Deploy, manage, and optimize endpoint security solutions, including antivirus, endpoint detection and response (EDR), virtualized configurations, and device hardening to protect against malware, ransomware, and other threats.
• Security Logging & Monitoring– Implement and manage real-time log monitoring, audit log review, and analysis to detect and respond to potential threats.
• Threat Modeling & Risk Assessment – Perform threat modeling, security design reviews, and architecture assessments for SaaS solutions to proactively identify and mitigate security risks.
• Vulnerability Management – Perform routine vulnerability scanning, prioritize remediation activities, and ensure vulnerabilities are remediated in accordance with service level agreements.
• Data Security and Privacy – Implement and enforce data protection measures, including encryption, data loss prevention (DLP), and access controls, to safeguard sensitive information and ensure compliance with security and privacy regulations.
• Integrate Security into SDLC: Collaborate with development teams to embed security best practices throughout the software development lifecycle (SDLC), including secure coding, API security, and DevSecOps principles.
• Identity and Access Management – Work closely with the IT team to enforce strong access management controls and prevent unauthorized access.
• Security Automation – Automate security tasks and processes to enhance operational efficiency and reduce manual workload. Develop and maintain automated security testing solutions and integrate security tools within CI/CD pipelines to ensure continuous application security.
• Technical Troubleshooting & Root Cause Analysis – Investigate, analyze, and respond to security incidents related to SaaS applications, ensuring containment, root cause analysis, and documentation.
• Security Awareness and Training – Advocate for security best practices across the company, helping to build a strong security-first culture. Provide secure coding training and guidance to engineering teams, ensuring awareness of common vulnerabilities and best practices.
• Project Tracking & Communication – Support security initiatives through project tracking, maintain the integrated master schedule, and present security updates to agency change boards and leadership.

About You

• 5+ years of experience in cybersecurity, security engineering, or a related field.
• Strong background in systems engineering, network security, and/or cloud security.
• Experience with application security, risk management, authentication systems, security testing, and hardening.
• Familiarity with SaaS industry technologies and security considerations across major cloud providers.
• Strong analytical and problem-solving skills with an ability to think independently and take initiative.
• Comfortability in engaging with senior leadership, engineers, product teams, and customers on security strategy and best practices.
• You are passionate about security and excited about making an impact in a growing company.

Why you’ll love it here

• Check out our Employee Experience page for more information on our Mission & Values, Work-Life Balance, Pay Transparency, Diversity, Culture, and Benefits
• 💰 Competitive Compensation. For this role our base salary is targeted at $98k-$115k CAD. Final offer amounts are determined by factors such as experience and expertise
• 🏆  Syndio Equity. So you can share in Syndio’s success
• 🏝 20 days annually. We encourage our team to recharge when they need to, plus paid sick & safe time, compassion leave, and voting leave
• 🏦 Pension Contribution
• 📍 Remote-First (within commuting distance of Calgary) #LI-Remote

Role Progression

• 30 Days: In the first month you will focus on onboarding, understanding the existing security landscape, infrastructure, key stakeholders, and current security initiatives.

• 60 Days: Building upon your initial understanding, you will begin actively participating in core security tasks such as vulnerability scanning, log monitoring, and collaborating with engineering on security best practices within the SDLC.

• 90 Days: By the end of the third month, you will be expected to independently manage key security responsibilities, contribute to ongoing projects, and demonstrate measurable progress in enhancing the company’s security posture through implemented improvements and proactive threat mitigation.

At Syndio, we’re building a diverse team that values candor, curiosity, and community. If you share these values and are interested in joining us, we’d love to talk with you even if you don’t 100% meet the “about you” listed here. We don’t expect anyone to have all the answers, as long as you’re willing to learn and grow with us.

Employees joining the Syndio team at this early stage of growth will impact this critical social issue and support a growing customer base (including Nordstrom, General Mills, Match Group, and others) to take tangible action on workplace fairness.

Syndio is an Equal Opportunity Employer. We are building an inclusive and collaborative workplace as we grow, and we welcome team members regardless of gender/identity, sexual orientation, race or cultural background, religion, physical disability and age.