What are the responsibilities and job description for the Senior Cybersecurity Engineer position at Ceres USA?
Company Overview
Westaim and CC Capital have joined forces to strategically transform Westaim from a holding company into a global alternative credit asset manager with a unique, integrated insurance platform, branded as The Westaim Corporation. This partnership supports a long-term vision to deliver innovative, customized financial solutions across alternative credit and insurance, creating scalable growth and meaningful client impact.
Ceres USA Holdings, LLC, part of the insurance platform within The Westaim Corporation strategy, is the parent company of Ceres Life Insurance – a fast-growing, technology-driven annuity carrier startup. Ceres is focused on redefining retirement security by combining modern fintech capabilities, top-tier talent, and strong vendor partnerships to deliver exceptional annuity solutions and digital experiences.
Ceres is deeply committed to a client-centered culture. Through its Digital Contact Center and advisor-facing platforms, the company delivers proactive, personalized, and technology-enabled support that empowers clients and advisors while maintaining the highest standards of trust, security, and regulatory compliance.
About The Role
We are looking for a Senior Cybersecurity Engineer to join the Information Security team, reporting directly to the CISO, to help secure a modern, cloud-based insurance platform supporting annuity products and financial operations.
This is a hands-on role for someone who enjoys building and improving security systems end-to-end across infrastructure, identity, applications, and data. You will work closely with engineering, operations, and compliance teams to protect sensitive financial information and ensure our systems meet the highest standards of security and reliability.
This is not solely a development-focused security role. You will also help manage and mature our security tooling, identity platform, and cloud security posture on a day-to-day basis. If you are passionate about solving complex security challenges in a fast-paced, growing environment, this role offers the opportunity to make a meaningful impact.
Key Responsibilities
Build and Strengthen Security
Required
Westaim and CC Capital have joined forces to strategically transform Westaim from a holding company into a global alternative credit asset manager with a unique, integrated insurance platform, branded as The Westaim Corporation. This partnership supports a long-term vision to deliver innovative, customized financial solutions across alternative credit and insurance, creating scalable growth and meaningful client impact.
Ceres USA Holdings, LLC, part of the insurance platform within The Westaim Corporation strategy, is the parent company of Ceres Life Insurance – a fast-growing, technology-driven annuity carrier startup. Ceres is focused on redefining retirement security by combining modern fintech capabilities, top-tier talent, and strong vendor partnerships to deliver exceptional annuity solutions and digital experiences.
Ceres is deeply committed to a client-centered culture. Through its Digital Contact Center and advisor-facing platforms, the company delivers proactive, personalized, and technology-enabled support that empowers clients and advisors while maintaining the highest standards of trust, security, and regulatory compliance.
About The Role
We are looking for a Senior Cybersecurity Engineer to join the Information Security team, reporting directly to the CISO, to help secure a modern, cloud-based insurance platform supporting annuity products and financial operations.
This is a hands-on role for someone who enjoys building and improving security systems end-to-end across infrastructure, identity, applications, and data. You will work closely with engineering, operations, and compliance teams to protect sensitive financial information and ensure our systems meet the highest standards of security and reliability.
This is not solely a development-focused security role. You will also help manage and mature our security tooling, identity platform, and cloud security posture on a day-to-day basis. If you are passionate about solving complex security challenges in a fast-paced, growing environment, this role offers the opportunity to make a meaningful impact.
Key Responsibilities
Build and Strengthen Security
- Design and implement security controls across cloud infrastructure, applications, and data platforms
- Review and secure system architectures, APIs, and integrations
- Ensure secure configurations across environments supporting customer, policy, and financial systems
- Manage and tune cloud security posture management (CSPM) tooling to identify and remediate misconfigurations
- Implement and manage security controls across code repositories and CI/CD platforms, including branch protection, secret scanning, and access policies
- Implement and manage security controls within cloud service provider environments, including IAM policies, network security groups, and service configurations
- Monitor systems for security events using centralized logging and observability platforms
- Lead investigations, root cause analysis, and remediation efforts
- Improve detection capabilities through log aggregation, alerting, dashboards, and automation
- Implement and manage identity and access controls aligned with least privilege principles
- Safeguard sensitive customer and financial data through encryption and secure data practices
- Manage vulnerability scanning and remediation processes
- Administer and optimize the identity platform, including SSO, conditional access policies, and identity governance
- Manage DNS records and configurations to support security and operational integrity
- Partner with compliance and legal teams to support regulatory requirements and audits
- Help maintain security controls aligned with industry standards
- Contribute to risk assessments and ongoing control improvements
- Work closely with engineering, data, and operations teams to embed security into workflows
- Provide practical guidance on secure development and system design
- Help promote a strong security culture across the organization
- Continuously research and evaluate emerging security tools, technologies, and best practices to strengthen the organization’s security posture
Required
- 7 years of experience in cybersecurity engineering or a related field
- Experience securing cloud environments such as AWS, Azure, or GCP
- Hands-on experience with security and observability tools such as SIEM, EDR/XDR, CSPM, and centralized logging/monitoring platforms
- Strong understanding of network, application, and API security
- Experience with identity and access management (IAM) and role-based access controls
- Experience administering identity platforms, including SSO, conditional access, and identity governance
- Experience managing DNS records and configurations in support of security operations
- Experience implementing security controls in code repository platforms and cloud-native services (e.g., GitHub, AWS)
- Experience working in regulated environments such as financial services or insurance
- Self-motivated learner who proactively researches emerging technologies, security trends, and evolving threats without waiting for direction
- Experience supporting insurance or annuity platforms
- Familiarity with regulatory frameworks such as SOC 2 or NAIC guidelines
- Certifications such as CISSP, CISM, or cloud security certifications
- Experience integrating security into CI/CD pipelines (DevSecOps)
- Experience in security operations (SecOps), including triage, incident handling, and operational monitoring
- Demonstrated initiative in independently building knowledge in areas such as AI, automation, or other rapidly evolving technology domains
- Strong communication skills and ability to work across technical and business teams
- Be part of a fast-growing, innovative insurance business dedicated to providing top-tier support to IMOs and financial advisors
- Make a direct impact on the company’s growth strategy by playing a key role in building and optimizing IMO partnerships
- Work in a high-energy, collaborative startup environment focused on technology, digital tools, and advisor enablement
- Competitive compensation package with PTO, health benefits, and career growth opportunities