Job Title

About Kinaxis Are you looking to join an innovative, market-leading company where you can truly elevate your career? At Kinaxis we are serious about culture, technology, customers, and not taking ourselves too seriously. If you are looking to be part of an incredible growth story, then we might just be the place for you! In 1984, we started as a team of three engineers. Today, we have grown to become a global organization with over 2,000 employees worldwide, six global offices, and a bestinclass HQ in Ottawa, Canada. As winners of several Top Employer awards globally, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today. We are a global leader in modern supply chain orchestration, powering complex global supply chains and supporting the people who manage them. Our powerful, AIinfused platform provides full transparency and visibility across endtoend supply chains, enabling customers to make faster, better decisions. We are trusted by renowned global brands to provide agility and predictability needed to navigate todays volatility and disruption. With more than 40,000 users in over 100 countries, we continue to innovate and revolutionize how we support our customers. Location Ottawa, Canada Hybrid Other Canadian locations Remote About The Role The Security Automation Engineer designs, builds, and operates automated security capabilities across a hybrid enterprise environment spanning onpremises infrastructure and public cloud platforms. This is a handson, builderoriented role focused on eliminating manual security effort by embedding security guardrails, detections, and remediation directly into platforms, pipelines, and operational workflows. In this role, you will own the automation and orchestration layer of the security program, working closely with infrastructure, platform, data, and application engineering teams to ensure security is continuous, scalable, and enforced through code. You will have strong software engineering experience with deep security domain expertise across cloud, Kubernetes, CI/CD, data platforms, and modern AI workloads. Vacancy Status This is an existing job vacancy. What you will do Security Automation & Engineering Design and implement eventdriven, APIfirst security automation for detection, response, and preventative controls. Build reusable automation frameworks and libraries to enforce security standards across environments. Replace manual security processes with code, workflows, and orchestration integrated into enterprise platforms. Infrastructure as Code (IaC) & Policy Automation Enforce security guardrails via policyascode (OPA/Gatekeeper, Terraform, Sentinel, cloudnative policy engines). Automate scanning, validation, approval gates, and autoremediation for IaC drift and misconfigurations. Develop secure IaC modules that embed security by default. Container Security Automation Automate cluster and workload hardening (RBAC validation, admission control, policy enforcement). Integrate image scanning, signing, and deployment validation into CI/CD. Automate runtime signal collection and response for container workloads. Embed security automation into CI/CD pipelines (SAST, SCA, DAST, secrets detection, IaC scanning). Implement policybased gates and automated failure handling. Automate SBOM generation, artifact signing, provenance checks, and attestation enforcement. GitHub Security Engineering Automate GitHub Enterprise security controls: repository standards, branch protections, code scanning, secret scanning, and dependency management. Enforce leastprivilege access and token hygiene via automation. Integrate GitHub security telemetry into SIEM and SOAR pipelines. Databricks & Data Platform Security Automate Databricks workspace and cluster security (policies, permissions, secret scopes, token lifecycle). Enforce data access guardrails and monitor for anomalous behavior. Integrate Databricks telemetry into centralized logging and detection systems. Vulnerability Automation & Remediation Build automated pipelines that prioritize, route, and remediate vulnerabilities based on risk context. Integrate vulnerability data with ticketing, CI/CD, and configuration management systems. Develop selfservice remediation workflows for engineering teams. Security Operations & Orchestration Design and develop SOAR playbooks and automations for common and highimpact security events. Integrate signals from cloud platforms, endpoints, identity systems, Kubernetes, and CI/CD into SIEM. Continuously tune detections to improve signal quality, reduce noise, and support analyst efficiency. Embed automated security checks into change management workflows, including prechange validation and postchange verification. What we are looking for Primary Skills And Qualifications Bachelors degree in Information Security, Computer Science, Information Technology, or equivalent practical experience. 57+ years of experience in security engineering, site reliability engineering (SRE), or software engineering with a strong security focus. Strong software engineering mindset with the ability to design, build, and operate production systems. Proven ability to balance security rigor with delivery speed and business outcomes.Experience operating productiongrade systems with uptime, telemetry, and reliability requirements. Strong collaboration skills with a demonstrated ability to enable engineering teams rather than block delivery. Excellent written and verbal communication skills, with the ability to clearly articulate complex technical concepts. Ability to work effectively in a fastpaced, global environment with shifting priorities. Preferred Certifications: CCSP, CISSP, CKS, Azure or GCP Security Specialty, GIAC certifications relevant to cloud or automation security. Role Specific Skills and Experience Strong software engineering skills: Python (preferred), Go or Java; REST APIs; eventdriven systems. Infrastructure as Code (Terraform, CloudFormation, etc.) with policyascode enforcement.Strong knowledge of CI/CD security automation (GitHub Actions, Azure DevOps, GitLab). Handson experience with Kubernetes security (admission control, PSS, network policy, signing, runtime security). GitHub Enterprise security configuration and automation. Databricks security architecture and automation. AI / LLM workload security and usage controls. Vulnerability management automation and remediation pipelines. Identityfirst security (IAM, workload identity, key & secret lifecycle). Benefits Flexible vacation and Kinaxis Days (companywide days off) Flexible work options Physical and mental wellbeing programs Regularly scheduled virtual fitness classes Mentorship programs, training, and career development Recognition programs and referral rewards Hackathons Application & Accessibility Kinaxis welcomes candidates to apply to our inclusive community. We provide accommodations upon request to ensure fairness and accessibility throughout our recruitment process for all candidates, including those with specific needs or disabilities. If you require an accommodation, please reach out to us at for accessibility requests only. This contact information cannot be used to inquire about the status of applications. Kinaxis is committed to ensuring a fair and transparent recruitment process. We use artificial intelligence (AI) tools in the initial step of the recruitment process to compare submitted resumes against the job description to identify candidates whose education, experience, and skills most closely match the requirements of the role. After the initial screening, all subsequent decisions regarding your application, including final selection, are made by our human recruitment team. AI does not make any final hiring decisions. #J-18808-Ljbffr