At Backcountry, our mission is to connect people to their passions. Our four online stores—Backcountry, Competitive Cyclist, MotoSport, and SteepandCheap—aim to supply our customers with the gear, knowledge, and inspiration necessary to get out there and chase down life’s greatest moments. We do this by providing the biggest and best assortment of premium outdoor products, superior shopping experience, personalized Gearhead expertise, lightning-fast and accurate fulfillment, and inspirational, informative, and community-centered content.
The Opportunity
Are you passionate about cybersecurity and ready to make a real impact? We're looking for a Senior Cybersecurity Engineer to be a key player in protecting Backcountry's digital ecosystem—safeguarding the platforms that connect millions of outdoor enthusiasts with the gear that fuels their adventures.
In this role, you won't just be filling a seat—you'll be shaping our security strategy from the ground up. You'll work across a modern, hybrid technology stack spanning AWS and GCP cloud environments, manage enterprise identity solutions like Azure Entra ID and Active Directory, and leverage cutting-edge tools like Microsoft Defender XDR to stay ahead of emerging threats. From conducting hands-on penetration testing to architecting secure Infrastructure as Code with Terraform, you'll have the autonomy to drive meaningful change and the support to grow your expertise.
If you thrive in dynamic environments, love solving complex problems, and want your work to matter, we'd love to hear from you.
This position will report into the Information Security Manager.
What you get to do:
Manage Identity & Access Security – Administer and secure Windows Active Directory, Azure Entra ID, and SSO configurations; enforce security policies for 1Password; conduct periodic access reviews and implement least-privilege principles
Secure Cloud Infrastructure – Protect and monitor infrastructure hosted in AWS and GCP; configure and maintain AWS WAF rules and CloudFront distributions; review Terraform configurations for security best practices
Lead Endpoint Protection & Threat Detection – Manage Microsoft Defender XDR for endpoint security; monitor alerts, investigate incidents, and lead incident response efforts; develop detection rules and automated response playbooks
Execute Vulnerability Management & Penetration Testing – Run monthly vulnerability scans using OpenVAS; perform manual penetration testing of internal and external systems; prioritize remediation and present risk assessments to stakeholders
Protect Collaboration Tools – Secure Microsoft 365 environment (Exchange Online, SharePoint, OneDrive, Teams); implement Data Loss Prevention (DLP) policies and email security controls
Drive DevSecOps Practices – Integrate security into CI/CD pipelines using GitHub; review Infrastructure as Code for misconfigurations; collaborate with engineering teams on secure development practices
What you bring:
5+ years of experience in cybersecurity, information security, or related roles
Demonstrated experience in at least 3 of the following areas:
Identity and Access Management (Active Directory, Azure AD/Entra ID, SSO)
Cloud security (AWS or GCP)
Endpoint Detection and Response (EDR) / XDR solutions
Vulnerability management and penetration testing
SIEM operations and incident response
Solid understanding of networking fundamentals (TCP/IP, DNS, firewalls, VPNs)
Experience with Infrastructure as Code (Terraform preferred) and Git/GitHub workflows
Knowledge of common attack vectors, MITRE ATT&CK framework, and threat modeling
Scripting/automation skills (Python, PowerShell, or Bash)
Strong analytical, problem-solving, and communication skills
Self-motivated with the ability to prioritize multiple tasks in a fast-paced environment
Nice to Have:
Security certifications such as CISSP, CISM, AWS Security Specialty, GCP Security Engineer, SC-200, OSCP, or CEH
Experience with Microsoft Defender XDR suite (Defender for Endpoint, Identity, Cloud Apps)
Hands-on experience with AWS WAF and CloudFront security configurations
Background in compliance frameworks (SOC 2, ISO 27001, PCI-DSS, GDPR)
What’s in it for you?
Joining Backcountry isn’t just about having a seat at the table—it’s about helping redesign the table entirely. You’ll be challenged, stretched, and supported as you grow faster than you thought possible. In addition to competitive compensation, we offer:
Executive Access: Work directly with brand CEOs and senior leadership, solving real business problems and earning mentorship from top operators.
AI-First Skill Building: Get hands-on with the most advanced AI tools in the market. From automation to prompt engineering, you’ll build a modern tech stack that sets you apart in any industry.
Accelerated Career Path: High performers are quickly entrusted with greater responsibility, new challenges, and leadership opportunities across our portfolio of brands.
Competitive benefits: Paid time off policies, 401(k)/RRSP match, medical/dental/vision and a variety of supplemental policies, and employee discounts at our portfolio companies
Our interview process:
📞 Step 1: If you align with our vision and meet the qualifications, we’ll reach out to schedule a conversation and introduce Backcountry.
🧠 Step 2: You’ll complete a short AI or product-building challenge so we can understand how you approach problems and execution.
💬 Step 3: Participate in deep-dive interviews with Backcountry leadership focused on your experience, product mindset, and operational thinking.
📩 Step 4: Offer. We’ll move fast for the right candidate.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
For US-based candidates, this posting is intended for candidates that reside in the following states:
AZ, DE, FL, GA, IN, LA, MI, MS, MO, NV, NC, OK, PA, TN, TX, UT, VA, WV, WI, and WY.
Our preference is for candidates who reside near our hubs in Northwest Indiana, Austin, Texas, and Toronto, Ontario.
Please note: AI tools are used in the screening and assessment of applicants for this position.
Washington state applicants only: If you believe that this job posting does not comply with applicable Washington state law, please notify us by sending an email to [email protected].
The CSC family of brands provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, provincial, state or local laws.
It is unlawful in Massachusetts to require or administer a lie-detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
The CSC family of brands is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or an accommodation due to a disability, please contact [email protected].