Canopy is hiring a Security Engineer

The Security Engineer will support the organization's security roadmap with a focus on detection engineering, compliance operations, and customer-facing security activities within a rapidly scaling SaaS environment.. This role reports to the Director of DevOps, Security & IT and offers flexible work arrangements, including hybrid in South Jordan, UT (M, W, F in-office) or fully remote for candidates based in Utah.

Responsibilities

• Develop, refine, and manage detection rules in Datadog (SIEM) to detect threats, minimize false alerts, and enhance the quality of security alerts across systems.
• Support SOC 2 audit cycles by gathering evidence, mapping controls, and coordinating with auditors using the Drata platform.
• Advance Trust Services Criteria (TSC) expansion and implement CIS Controls v8 by mapping controls and maintaining compliance documentation.
• Respond to customer security questionnaires and assist in customer-facing compliance initiatives.
• Support endpoint security operations under the guidance of a Senior Security Engineer, using tools such as JAMF Pro, SentinelOne, CrowdStrike Falcon, and Cloudflare Zero Trust (including DLP, SWG, CASB).
• Maintain and enhance compliance documentation, security policies, and internal security procedures.
• Execute tasks aligned with the security roadmap, contributing to initiatives in detection, compliance, and operational security.

Requirements

• Minimum of three years of experience in information security, with direct involvement in detection engineering, compliance operations, or security operations.
• Experience working in a SaaS environment.
• Proven ability in detection engineering, including writing and tuning rules in a production SIEM; Datadog is preferred, though Splunk, Elastic, or similar platforms are acceptable.
• Hands-on experience with a GRC platform such as Drata, Vanta, or equivalent—beyond theoretical knowledge of SOC 2.
• Experience responding to customer security questionnaires and supporting external audits.
• Familiarity with compliance frameworks including SOC 2, CIS Controls, or NIST CSF.
• Strong attention to detail and the ability to manage multiple compliance and security initiatives concurrently.
• Clear and effective written and verbal communication skills, especially for customer-facing compliance tasks.

Nice to Have

• Experience with endpoint security tools such as JAMF Pro, SentinelOne, CrowdStrike Falcon, or Cloudflare Zero Trust.
• Knowledge of macOS MDM/fleet management and endpoint hardening practices.
• Exposure to DLP policy creation, secure web gateway deployment, or CASB configuration.
• Relevant security certifications such as Security+, GSEC, CCSK, or similar.
• Experience with AWS security services or foundational cloud security concepts.

Tech Stack

Datadog, SIEM, Splunk, Elastic, Drata, Vanta, JAMF Pro, SentinelOne, CrowdStrike Falcon, Cloudflare Zero Trust, DLP, SWG, CASB, AWS

Benefits

• Flexible Paid Time Off with encouragement to use it, plus 10 company holidays.
• Comprehensive health benefits including Medical, Dental, Vision, and an HSA Match.
• 401(k) plan with 100% company match up to 3% of employee contributions; immediate eligibility and full vesting.
• Mental health support through access to Impact Suite and an Employee Assistance Program (EAP).
• Paid leave for new parents and birthing parents.
• Supplemental benefits including 100% company-paid Basic Life & AD&D insurance and long- and short-term disability coverage.
• Nectar, a peer-to-peer recognition program to celebrate employee contributions.
• Company events such as monthly all-hands meetings and summer parties.
• ERG Committees that lead initiatives in continuing education, community outreach, recruiting, and onboarding.
• Fully-stocked kitchen accommodating various dietary preferences including keto, vegan, and flexitarian.

Work Arrangement

Hybrid — South Jordan, UT, Utah (remote) — Hybrid position: M, W, F in-office or fully remote based in Utah

Team

Growing security team in a collaborative, fast-moving SaaS environment; reports to the Director of DevOps, Security & IT

• Own - We own this place! We focus on outcomes, holding ourselves & each other accountable.
• Win - We win by delighting our customers with the very best products and services.
• Do Good - We work hard to be good people!
• Embrace Curiosity & Candor - We approach everything with curiosity & we understand that candor is kindness and give the gift of feedback.
• Act Startup Fast - We know the best way to become a world-class company is to always act like a tiny startup: fast, hungry, intense, and scrappy. But especially fast.

Additional Information

• This position can be held in a hybrid format in South Jordan, Utah (M, W, F in-office) or fully remote for candidates based in Utah.
• The role reports to the Director of DevOps, Security & IT.
• The application process includes: application review, a 20-minute call with the People Team, a 45-60 minute interview with the Hiring Manager, 1-3 rounds of interviews, and a Final Interview.
• The company is an equal-opportunity employer.
• Women are encouraged to apply even if they do not meet every qualification listed.