Staff Security Engineer

Staff Security Engineer – Fullscript

Location: Greater Montreal Metropolitan Area (Remote)

Founded in 2011, Fullscript started by solving one problem: helping practitioners access and prescribe the products they trust to deliver integrative care. What began as a simple solution has evolved into a health intelligence platform that powers every part of care. Today, 125,000 practitioners rely on Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high‑quality supplements. They support over 10 million patients who use Fullscript to stay connected to their care plans, making it easier to stay engaged and follow through on treatment. Fullscript builds tools that make care smarter and more human—tools that save time, simplify decisions, and strengthen the connection between practitioner and patient. When everything practitioners need is in one place, they can focus on what matters most: helping people get better.

• Lead the design and implementation of robust security architectures for Fullscript’s applications and AI initiatives.
• Collaborate closely with engineering teams to embed security into the development lifecycle, including threat modeling, security coding practices, and design reviews.
• Drive AI security best practices, ensuring responsible deployment and mitigation of risks such as data poisoning, prompt injection, or model exploitation.
• Mentor engineers and other security team members, fostering a culture of security awareness and technical excellence across the organization.
• Conduct technical risk assessments, security research, and code reviews to proactively identify and remediate vulnerabilities.
• Influence cross‑functional teams through technical leadership, helping define security standards and strategies that scale across Fullscript’s products and AI ecosystem.
• Stay ahead of emerging threats, attack vectors, and AI‑specific security challenges to guide strategic decisions for the organization’s security posture.

• Deep technical expertise in application security and secure software development.
• Experience with AI/ML security.
• Strong understanding of modern software architectures, cloud environments, and APIs.
• Proven ability to influence and mentor engineers across teams, fostering security‑first thinking and best practices.
• Hands‑on experience with security tooling and automation, including static/dynamic analysis, monitoring, and observability systems.
• Strong problem‑solving skills, able to balance security rigor with product velocity.
• Excellent communication and collaboration skills, able to translate complex security concepts to technical and non‑technical stakeholders.

• Experience with protecting/hardening health data.
• Experience securing Ruby on Rails, JavaScript, GraphQL applications.
• Familiarity with regulatory and compliance frameworks relevant to software and AI security (e.g., SOC 2, NIST).

• Generous PTO and competitive pay.
• Fullscript’s RRSP match program for financial health.
• Flexible benefits package and workplace wellness program.
• Training budget and company‑wide learning initiatives.
• Discount on Fullscript catalog of products.
• Ability to work wherever you work well.

• Values innovation. We stay curious and keep finding smarter ways to make care better.
• Supports growth. We learn together and take on new challenges that drive impact.
• Puts people first. We win as a team and leave egos at the door.

Apply now. Let’s build the future of healthcare together.

Fullscript is an equal‑opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request—please email for support. All employment offers are contingent upon the successful completion of background checks conducted in compliance with applicable federal, state, and provincial laws. We also use AI tools to support parts of our hiring process, such as screening and reviewing responses. Final decisions are always made by people and comply with privacy and employment laws across Canada and the U.S.

Learn more about Fullscript: