TL;DR

Security Engineer: Executing on a security roadmap for a fast-growing SaaS company with an accent on detection engineering, compliance operations, and customer-facing security activities. Focus on writing and tuning detection rules in SIEM, supporting SOC 2 audits, and assisting with endpoint security operations.

Location: Hybrid in South Jordan, Utah (M, W, F in-office) or fully remote based from Utah

Company

Canopy is a fast-growing SaaS company revolutionizing the accounting space with modern, user-friendly software and has recently secured $70M in Series C funding.

What you will do

  • Write, tune, and maintain detection rules in Datadog SIEM to identify threats and improve alert quality.
  • Support SOC 2 audit cycles, including evidence collection and auditor coordination.
  • Drive progress on Trust Services Criteria (TSC) expansion and CIS Controls v8 implementation.
  • Respond to customer security questionnaires and support customer-facing compliance activities.
  • Assist with endpoint security operations using tools like JAMF Pro, SentinelOne, and Cloudflare Zero Trust.
  • Help maintain and improve compliance documentation, security policies, and internal procedures.

Requirements

  • 3+ years of experience in information security, with hands-on experience in detection engineering, compliance, or security operations.
  • Experience working at a SaaS company.
  • Practical detection engineering skills, including writing and tuning rules in a production SIEM (Datadog, Splunk, Elastic, or similar).
  • Hands-on experience with a GRC platform (Drata, Vanta, or equivalent), not just theoretical SOC 2 knowledge.
  • Experience responding to customer security questionnaires and supporting external audits.
  • Familiarity with compliance frameworks such as SOC 2, CIS Controls, or NIST CSF.
  • Clear written and verbal communication skills for customer-facing compliance work.

Nice to have

  • Experience with endpoint security tools (JAMF Pro, SentinelOne, CrowdStrike Falcon, Cloudflare Zero Trust).
  • Familiarity with macOS MDM/fleet management and endpoint hardening.
  • Exposure to DLP policy authoring, secure web gateway deployment, or CASB configuration.
  • Relevant certifications (Security+, GSEC, CCSK, or similar).
  • Experience with AWS security services or cloud security fundamentals.

Culture & Benefits

  • Flexible Paid Time Off and 10 company holidays.
  • Comprehensive Health Benefits (Medical, Dental, Vision) and HSA Match.
  • 401(k) with 100% match up to 3% of contribution, immediate eligibility and vesting.
  • Mental Health support via Impact Suite & Employee Assistance Program (EAP).
  • Paid New Parent Leave & Birthing Parent Leave.
  • Supplemental Benefits including 100% company-paid Basic Life & AD&D insurance and long & short-term disability.
  • Peer-to-peer recognition program (Nectar).
  • Company events including monthly company-wide meetings and summer parties.
  • ERG Committees for continuing education, community outreach, and recruiting.
  • Fully-stocked kitchen catering to various dietary needs.

Hiring process

  • Application review.
  • 20-minute phone call with the People Team.
  • 45-60-minute video or in-person interview with the Hiring Manager.
  • 1-3 rounds of interviews depending on the role.
  • Final Interview.