Back to jobs
New

Sr Security Engineer

South Jordan, UT

Senior Security Enginee

South Jordan, UT

About Us

Canopy is a fast-growing SaaS company in South Jordan, Utah building simple, efficient software for accounting firms. We are looking to revolutionize the accounting space with modern, user-friendly software for a neglected industry. 

We aim to help our clients unlock the firm they’ve always wanted with our Practice Management Suite. We place a strong emphasis on delighting our customers, spotting and solving problems, and being good people along the way. And we just secured $70M in Series C funding to help us fulfill that mission.

Click here to see why our clients (and investors) love Canopy.

Interested in learning more about Canopy & the industry? Check out our blog here where you can find great information on our product features, industry news, practice management, and more!

The Opportunity

We are seeking a Senior Security Engineer to lead and scale our security program with a primary focus on incident response, vulnerability management, and building out our SIEM. In this role, you’ll not only defend against threats and harden our systems, but also help foster a security-aware culture through proactive communication and company-wide training initiatives. You’ll work alongside Engineering, IT, DevOps, and other stakeholders to keep our environment safe and resilient.

This can be a hybrid position in South Jordan, Utah (M, W, F in-office) or fully remote, but located within the state of Utah.

What You’ll Do

Incident Response & Threat Detection

  • Lead the detection, triage, investigation, and resolution of security incidents.
  • Build and improve incident response processes, runbooks, and tooling.
  • Coordinate with cross-functional teams during incident handling and postmortems.
  • Manage and tune alerting systems (SIEM, EDR, IDS/IPS) for early threat detection.

Vulnerability Management

  • Perform regular vulnerability assessments and track remediation efforts.
  • Conduct security reviews of code, infrastructure, and third-party software.
  • Partner with Engineering and DevOps to prioritize and fix security gaps.
  • Establish and maintain secure configuration baselines.

Cross-Team Security Collaboration

  • Act as a trusted advisor to Engineering, IT, Product, and Compliance teams.
  • Integrate security best practices into the SDLC and CI/CD pipelines.
  • Provide architectural guidance on secure system design and deployment.
  • Champion a culture of shared responsibility for security.

Security Training & Awareness

  • Develop and deliver security awareness programs for the company.
  • Run hands-on security training tailored for engineering teams (e.g., secure coding, threat modeling).

Security Engineering & Automation

  • Build and maintain tooling for security monitoring, response, and enforcement.
  • Automate detection and response workflows where possible.
  • Analyze logs and telemetry for anomalies and indicators of compromise.

Compliance & Governance Support

  • Support technical implementations for compliance frameworks (SOC 2, ISO 27001, etc.).
  • Collaborate with Risk and Compliance to enforce internal policies and external regulations.
  • Contribute to internal audits, risk assessments, and vendor security reviews.

What We’re Looking For

  • 5+ years of experience in security engineering, incident response, or a related role.
  • Proven track record managing security incidents and remediating vulnerabilities.
  • Proficiency in scripting or programming languages (e.g., Python, Go, Bash).
  • Experience with tools like SIEMs (Splunk, Sumo Logic), EDRs, and vulnerability scanners.
  • Strong knowledge of secure infrastructure (cloud, networks, endpoints, containers).
  • Excellent communication skills with the ability to educate and influence others.

We know many women do not apply for a job if they don't perfectly fit the description. We want you to apply anyway.

Bonus Points If You Have

  • Experience working in a modern SaaS, cloud-native, or DevOps-heavy environment.
  • Industry certifications (e.g., OSCP, CISSP, GIAC) are a plus.
  • Familiarity with compliance standards (e.g., SOC 2, ISO 27001, HIPAA).

Why You Want to Work Here

🌴 Flexible Paid Time Off - you’re actually encouraged to use, plus 10 company holidays! 

❤️‍🩹 Health Benefits - including Medical, Dental, and Vision and an HSA Match. 

💰 401(k) - we match 100% up to 3% of your contribution. Eligibility is immediate with 100% vesting.

🧠 Mental Health -  all employees have access to Impact Suite & to our Employee Assistance Program (EAP).

👶 Paid New Parent Leave & Birthing Parent Leave - so you’re able to care for your little ones.

➕ Supplemental Benefits - including 100% company paid Basic Life & AD&D insurance and long & short-term disability coverage.

🌟 Nectar - our peer-to-peer recognition program to help our employees recognize the amazing work being done by other Canopians!

🥳 Company Events - including monthly company-wide meetings, summer parties, and more.

💡 ERG Committees - to plan initiatives around continuing education, community outreach, recruiting, onboarding, and more.

☕ Fully-stocked kitchen - Keto? Vegan? Flexitarian? Mandalorian? We’ve got you covered. 

Our Values

We approach our work every day with a few things in mind:

🔑 Own - we own this place! We focus on outcomes, holding ourselves & each other accountable.

🏆 Win - we win by delighting our customers with the very best products and services.

👍 Do Good - we work hard to be good people!

💡 Embrace Curiosity & Candor - we approach everything with curiosity & we understand that candor is kindness and give the gift of feedback.

To learn more about us & our values, click here.

Interviewing @ Canopy

Application processes can be a little stressful. Here are the stages of a typical interview process at Canopy:

 

  • Once your application is received, we will review it and get back to you if we feel like it’s a mutual fit! 
  • 20-minute phone call with the People Team
  • 45-60-minute video or in-person interview with the Hiring Manager
  • 1-3 rounds of interviews, depending on the role
  • Final Interview

 

Interview processes can vary depending on the role. The People Team will give you a role-specific overview of the process during your first phone call. 

Remember: This is your interview too! We know candidates are evaluating us just as much as we are them. We encourage you to bring questions to each of your interviews—our hiring teams will always make sure to save time for questions at the end! 

Canopy is an equal-opportunity employer. Canopy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status, or veteran status.

 

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Select...
Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Canopy’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.