Senior Security Engineer, Vulnerability Automation

About The Role

Hi, I'm Dave. I lead Security Engineering at Jane - a team of ten spanning AppSec, Cloud Security, Enterprise Security, Red Team, and Enablement, working to protect the health information of hundreds of thousands of patients and the practitioners who care for them.

We earn influence through relationships, not authority. Our goal is to make it easy for dev teams to do the right thing, and that has a concrete expression. We're close to a vision where a developer receives a draft, tested PR when a vulnerability is identified in their codebase. We only ship validated true positives to their queues. The investigation, false positive filtering, and applicability assessment are our job, not theirs.

We've already built the foundation. You'll be maturing that platform, not starting from scratch. This role sits at the engineering heart of that work, building and iterating on the pipeline that connects threat intelligence, AppSec findings, and Red Team outputs into automated protections and actionable remediation for dev teams.

We're a team that experiments with AI constantly and shares what we learn. If that's how you already work, you'll feel right at home here.

If you lead with curiosity, earn trust before you expect buy-in, and get energy from building things that make other engineers' lives simpler, I'd love to talk.

What Impact We're Looking For You To Make

• Design, build, and own the vulnerability engineering pipeline - from threat intelligence ingestion through automated PR generation - establishing the technical architecture and standards that the rest of the team builds on as the platform matures.

• Raise the team's bar for building with AI by experimenting openly, sharing what works and what doesn't, and helping every member of the security team elevate how they work with AI-powered tooling.

• Partner deeply with dev teams across Jane to make security feel like a service, not a burden - doing the investigative work upfront, shipping only validated true positives, and following up on SLA gaps in ways that keep relationships strong.

• Coordinate complex, multi-team vulnerability findings by owning the communication, tracking resolution progress, and keeping things moving without needing to escalate every sticking point.

• Contribute to the team's on-call rotation, building and improving runbooks and post-incident reviews that make every response faster and sharper than the last.

What Experience We Need

• Demonstrated depth in security engineering, including shipped automation, pipelines, or internal security tooling that other teams actually used - with enough experience across the vulnerability lifecycle to know where the friction points are and how to engineer around them. Hands-on experience with Python and CI/CD security integrations, particularly GitHub Actions, is a strong signal.

• A builder's mentality about AI - you experiment, you stay current, and you're energized by building smarter ways to solve problems. Active engagement with AI-assisted workflows and tooling is central to how this team operates and grows.

• Applied knowledge of web and API vulnerability classes - including how common attack vectors translate to real risk and how to provide remediation guidance tailored to the specific issue and team receiving it, rather than generic output from a scanner report. Familiarity with SAST, SCA, secret detection, DAST, and ASPM tooling is important; experience with mobile application vulnerabilities is a bonus.

• A track record of cross-team influence without authority - knowing how to read a room, adapt communication to your audience, and build the kind of credibility that makes engineers come to you proactively. Emotional intelligence is as important to us as technical skill, and it's a core part of how this team operates.

• A track record as a force multiplier - you've set technical direction that others have followed, mentored engineers at various levels, and shared your knowledge freely enough that the teams around you got meaningfully better because of it.

If you don't meet every single qualification but are excited about this role, we'd still love to hear from you.

More About Jane

Jane is a founder-led, high-growth SaaS company born in North Vancouver, British Columbia. We're now a team of more than 700 people working remotely across Canada, the US, and the UK, united by our mission to help the helpers.

We build the products and tools that thousands of clinics rely on every day to run their businesses, care for their patients, and grow their communities. That level of impact means every person at Jane plays an important role in how we show up for our customers. We're all responsible for being deeply connected to their needs, obsessed with improving their experience, and proud of the difference our work makes in their day-to-day lives.

Jane is growing fast, and that growth brings exciting challenges that call for adaptability, resilience, learning agility, and humility. We're proud of what we've built and quick to admit what we don't know yet. We listen, learn, and adjust as we go.

We're also embracing the possibilities of AI, using it to work smarter, improve our systems, and create even better experiences for our customers and our team.

Our goal isn't just delivery - it's delight. We move quickly, communicate openly, and solve real problems together. If you're energized by ambiguity, motivated by impact, and eager to learn with others, you'll thrive at Jane.

Compensation & Benefits

At Jane, we're committed to paying fairly, clearly, and above all, paying for growth. This role has an annual salary range of $128,000 to $200,000. While that is a large range, it is intentional. It reflects the full growth journey someone might take in the role, from developing skills early on to becoming highly proficient and ultimately achieving excellence.

Most new hires join at the accomplished stage, which for this role represents an annual salary of $168,000. A starting salary below this typically indicates a candidate with strong potential who is still developing key skills. Salaries above this usually apply to existing team members who have made a significant impact and bring deep Jane-specific knowledge.

We believe in paying for growth. You'll have regular career development conversations with your manager, and your compensation will grow as you gain experience and contribute meaningfully to our mission.

Paying clearly is one of our compensation fundamentals. Watch this short video to learn how our salary bands are set. You're also encouraged to ask questions about compensation at any point during the interview process.

We also offer a comprehensive benefits package. You can learn more about it here!