Founded in 2011, Fullscript is a healthcare platform built on the belief that care should treat the whole person. Today, more than 125,000 practitioners and 10 million patients count on us for access to high-quality supplements, industry-leading labs, and tools that make it easier to follow through on care.
Our purpose is simple: to help people get better. Every system we design and every program we deliver supports practitioners in providing care that is more personal, more efficient, and more effective.
This is your invitation. Bring your ideas. Bring your grit. Bring your care for people.
Let’s build a healthier future together and make healthcare whole.
Fullscript is looking for an experienced Lead Security Engineer. You will be leading and maturing our efforts in delivering a modern and secure user experience and effective risk management. You will join a Security team that’s responsible for DevSecOps, AppSec, GRC, security operations, and incident response. You will have the opportunity to make a difference on a wide array of security challenges and solve interesting problems along the way.
What You'll Do:
- Drive security initiatives to ensure security is considered from design through implementation.
- Effectively use threat models to inform application design decisions.
- Perform security code review to validate vulnerabilities, exploitability, and adherence to security best practices.
- Triage application vulnerabilities and recommend remediation strategies.
- Purple team our application and demonstrate attack vectors.
- Improve security processes and tooling automation.
- Optimize security processes using SLAs, severity frameworks, and remediation protocols.
What you bring to the table:
- Demonstrated success delivering application security programs.
- Experience partnering with cross-organizational teams to drive security initiatives.
- Experience with engineering-focused remediation and mitigation strategies against security vulnerabilities.
- Experience with product engineering and security engineering.
Additional experience we value:
- Experience with hardening/security best practices for AWS, Kubernetes, CI/CD Pipelines, IaC, Terraform, CloudFormation.
- Experience with protecting and hardening health data.
- Experience securing Ruby on Rails, JavaScript, GraphQL applications.
- Experience with pen-test software (Burp Suite).
- Understanding of industry frameworks (SOC2, PCI, HIPAA, HITRUST, NIST).
What we can offer you
- Generous PTO and competitive pay.
- Fullscript’s RRSP match program for financial health.
- Flexible benefits package and workplace wellness program.
- Training budget and company-wide learning initiatives.
- Discount on Fullscript catalog of products.
- Ability to work Wherever You Work Well
Why Fullscript?
Great work happens when people are supported, challenged, and inspired. Here, you’ll be part of a team that:
⬦ Values innovation—we push boundaries and always look for better ways.
⬦ Supports growth—through learning, mentorship, and meaningful work.
⬦ Cares about balance—with flexible work options and time off when you need it.
📌 Apply now—let’s build the future of healthcare, together.
We kindly ask that all applications be submitted directly through our careers page. Due to the high volume of interest, we’re not able to respond to individual emails or messages about job postings. If your background aligns with what we’re looking for, a member of our team will reach out to you directly.
Fullscript is an equal-opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request—email accommodations@fullscript.com for support.
Before joining the team, all candidates who receive and accept an offer will complete a background check.
We use AI tools to support parts of our hiring process, like screening and reviewing responses. Final decisions are always made by people. This process complies with privacy and employment laws across Canada and the U.S.