Wattpad’s vision is to entertain and connect the world through stories. A leading global webnovel platform, Wattpad has democratized storytelling for a new generation of diverse Gen Z writers and their fans. Wattpad is part of WEBTOON Entertainment’s IP & Creator Ecosystem, where approximately 155 million monthly active users discover incredible stories in multiple formats. Come build the future of entertainment and storytelling with our global team, and write your next chapter with us!

Wattpad is part of the WEBTOON Entertainment family of brands, home to some of the world’s largest storytelling platforms. With approximately 155 million monthly active users, WEBTOON Entertainment’s IP & Creator Ecosystem of aligned brands and platforms include WEBTOON, Wattpad–the world’s leading webnovel platform–WEBTOON Productions, Studio N, Studio LICO, WEBTOON Unscrolled, LINE MANGA, and eBookJapan, among others. To read more about our family of Brands, check out our website here.

As a Sr. Security Engineer, you’ll be working closely with the Engineering, Data, and Product teams to embed security into the evolution of our systems. You will play a pivotal role in protecting our organization’s data, systems, and networks while ensuring our engineering velocity remains high.

As a senior member of the Security Team, you will work to drive the security vision for the department and will be responsible for influencing thinking across multiple teams to improve how we build secure software in general.

Wattpad runs on a large distributed system that handles tens of thousands of requests every second. You’ll be securing our AWS cloud infrastructure and helping us mature our application security program. Our security stack relies on AWS Security Hub, GuardDuty, and WAF for infrastructure protection, while leveraging Datadog and Splunk for observability and threat detection. We are heavily invested in infrastructure-as-code using Terraform and are looking to automate security workflows using Python and GitHub Actions.

What You’ll Do:

• Designing, implementing, and monitoring security controls in our AWS cloud infrastructure to balance protection with scalability.
• Influencing the technical direction of the Engineering & Data department by introducing secure development practices and threat modeling.
• Acting as a force multiplier by building security automation workflows and "guardrails" that allow teams to ship code safely and quickly.
• Directly solving complex security challenges, including incident response, root cause analysis, and remediation of vulnerabilities.
• Assisting teams in implementing access management and compliance controls, compliance (SOC 2/ISO 27001), and risk governance.
• Building and maturing our application security program, partnering with engineering teams to triage findings from our Vulnerability Disclosure Program.
• Collaborating with engineers on implementing security best practices to help raise the security bar across the organization.

Required Qualifications:

• 5+ years of work experience in SecOps, Cloud Security, DevSecOps, or similar security-focused role
• AWS security expertise: Hands-on experience with Security Hub, GuardDuty, Inspector, AWS WAF, and IAM policy management
• SIEM experience highly desirable: Datadog, Splunk, or similar platforms (query development, alert tuning, incident investigation)
• Proficiency with infrastructure-as-code security: Terraform, CloudFormation, or similar
• Experience with containers and Kubernetes (EKS preferred) including security hardening
• Strong scripting and automation skills: Python, Bash, PowerShell
• Experience securing CI/CD pipelines (GitHub Actions strongly preferred)
• Familiarity with MITRE ATT&CK and D3FEND frameworks
• Understanding of enterprise and cloud network security architecture and controls
• SOC 2 and/or ISO 27001 compliance experience
• Self-starter comfortable with ambiguity – ability to define and execute on loosely-scoped problems
• Balanced communication style – proactive collaborator when needed, deep-focus engineer when required
• Excellent written and verbal communication skills for cross-functional collaboration

Preferred Qualifications:

• Experience building application security programs from early stages
• Hands-on experience with Data Loss Prevention (DLP) solutions
• Familiarity with HackerOne, Bugcrowd, or similar bug bounty/VDP platforms
• Experience implementing threat modeling practices (STRIDE, PASTA, or similar)
• Just-In-Time (JIT) access implementation experience
• Experience with security orchestration and automation (SOAR)
• Cloud security certifications: AWS Security Specialty, CCSP, CCSK
• Offensive security background: OSCP, GPEN, CEH or practical CTF/red team experience
• Contributions to security open-source projects or published security research
• Experience debugging complex systems across different layers of the stack

$110,000 – $150,000 a year

Please note, the range above is listed in CAD. This position qualifies for the full suite of benefits.

What we offer (For Full-Time Only):

* Career development; we believe in mentorship and investing in your learning, supporting you to achieve your goals

* Top industry health benefits, including vision and dental

Your own health/wellness account to spend each year

* RRSP Contributions (Canada), 401K Contributions (USA)

* Generous vacation and Maternity/Parental leave top-up program

* Corporate discount for gym memberships for you and your family

* Work from almost anywhere in the world for part of the year

* Winter break shutdown and a whole lot more!

Wattpad is conducting all interviews in a distributed manner using applicable third party software where needed and using visual interface tools such as Google Meet and Zoom.

About Wattpad

Who are we? Entrepreneurs and Do-ers. Our vision is to entertain and connect the world through stories, and our mission is to use the power of community and technology to unleash the full potential of stories to the world.

What does that mean? We are visionaries, community builders, passionate problem solvers, storytellers, coffee snobs (tea drinkers, too!), curious by nature, and culturally diverse.

What are we obsessed with? Our users. Solving complex problems and maximizing flow. Learning constantly. Building the next great storytelling product. Finding the greatest stories ever told. Dogs (and cats), coffee, and good snacks.

How do we work? Autonomously, collaboratively, respectfully. Balancing with work, family, and play…and all while having a great time.

Wattpad is a remote friendly company and encourages remote candidates to apply as long as they are located and authorized to work in either the US or Canada (excluding Quebec) as a precondition of employment. We are not able to sponsor applicants for work permits.

Unlock the best of both worlds with a remote role that keeps you connected! We’re looking for passionate individuals in the Greater Toronto Area to join our team. While you’ll enjoy the flexibility of working from home, you can take advantage of periodically coming to our vibrant downtown Toronto office to connect with colleagues, collaborate on exciting projects, and take part in company events. This is your opportunity to be a part of our thriving workplace culture.

Culture and Diversity

Wattpad is an equal opportunity employer. We do not discriminate. Period.

Wattpad welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. We have taken a leadership position on creating a culture and an organization that truly values diversity. We are committed to fostering a global team that reflects the diversity of the Wattpad community. At Wattpad, we believe cultural fit doesn’t mean culturally identical, and diversity of thought helps us to challenge one another to think big and think differently. We consider employment applicants without regard to age, race, colour, national origin, citizenship, religion, creed, sex, sexual orientation, veteran status, marital status, disability status or any other protected status.

If you have any special needs or accessibility requirements, please let us know. We will do our utmost to accommodate, in accordance with applicable local legislation.

Don’t meet all the requirements? Studies show women and people of colour are less likely to apply to jobs if they do not meet all the qualifications. Therefore, in an effort to build a more diverse workplace, we encourage you to apply anyways. You might actually be the right person or you may be a good fit for a number of other openings we currently have.

#Wattpad