WHO WE ARE
At StellarAlgo we are inspired and united around innovating the future of fan experiences. We are brought together by the belief that accessible and actionable data inspires the personalized and authentic experiences that create lifelong fans. Through a combination of embracing challenges, a belief that alignment enables autonomy and a committed team, we believe in empowering our players to achieve big things where it comes to solving interesting problems with data. In fact, our biggest investment is in you; we give you what you need to focus on your professional growth and career development, all while developing software that directly impacts our customers and their fans. We will challenge you and you will be surrounded by people equally committed to the company’s success, allowing for constant collaboration.
THE ROLE: ARE YOU UP FOR THE CHALLENGE
StellarAlgo is the sports CDP that makes it easy to access and take action on fan data across teams and leagues, increasing fan engagement, revenue and sponsorship opportunities. We’re focused on growing and monetizing the world's most passionate digital audiences by recruiting high performers who know how to go for gold, work with their team, solve problems in real time, and speak up with creative ideas.
The Jr. Security Analyst will support the Security team with automating day-to-day compliance for ISO and SOC2 frameworks, building AI agents to streamline security and IT workflows, and implementing the NIST AI RMF and ISO 42001 governance standards in order to ensure our global sports industry clients can trust that their data is protected by industry-leading, AI-governed security protocols that scale at the speed of innovation. We are currently leading the charge in AI Risk Management and pride ourselves on a “security-as-code" culture where we value automation, technical curiosity, and the building the future of security AI-driven platforms.
WHAT YOU WILL DO
Compliance & AI Governance
- Own the daily evidence collection and control monitoring for our ISO 27001, 27701, 27018 and SOC 2 frameworks to ensure we remain audit-ready at all times.
- Assist in the rollout and maintenance of the NIST AI Risk Management Framework (RMF) and ISO 42001, helping to ensure our AI initiatives are safe, ethical, and compliant.
- Act as key contributor during external audits, providing technical documentation and demonstrating control effectiveness to auditors.
AI Automation & Engineering
- Collaborate with the engineering team to design, code and deploy AI agents that automate repetitive security tasks, such as risk assessments and log monitoring.
- Use Python and API integrations to build “security-as-code” pipelines, reducing manual effort for broader security and engineering teams.
- Partner with the engineering team during design sessions and code reviews to ensure that security controls and automation are integrated into the foundation of our internal tools, rather than added as an afterthought.
IT Operations & Support Automation
- Design and maintain AI-driven workflows to handle routine helpdesk queries, software provisioning, and common troubleshooting so you can “automate yourself out” of manual tasks.
AI Security & Research
- Apply your understanding of Large Language Models (LLMs) to identify and fix AI-specific security vulnerabilities like prompt injection, data leakage, and model bias.
- Regularly review our internal AI tools and third-party integrations to ensure they meet our data privacy and security standards.
- Stay current with the rapidly evolving AI and security landscape, sharing research and best practices with the team to keep our defenses ahead of the curve.
WHAT WE ARE LOOKING FOR
- 1-3 years of experience in security, IT, or engineering role, ideally with a focus on automation or process improvement.
- Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field (or equivalent practical experience with a strong portfolio of GitHub projects).
- Proficiency in Python for scripting and building automations; you should be comfortable working with APIs to connect different software systems and automate data flows.
- Understanding of AI and LLMs, specifically how they process data and the unique security risks they introduce, such as prompt injection or data leakage.
- Working knowledge of modern CI/CD pipelines (e.g. GitHub Actions, Gitlab CI/CD) and an understanding of how to integrate automated security checks into the build process.
- Exposure to cloud platforms(AWS, Azure or GCP) and working knowledge of Infrastructure as a Code (IaC) concepts like Terraform or CloudFormation.
- Experience with containerization (docker) and how containers are used to deploy and scale applications securely.
- Eager to learn the “how and why” behind compliance evidence of frameworks such as ISO 27001, SOC2 or the NIST RMF.
- A thinker who is equally comfortable writing documentation for an audit as they are building an AI agent to automate that same audit risk.
- Strong communicator – you can help an employee with a tech issue one moment and discuss security control automation with an engineer the next.
Nice to Haves
- CompTIA Security+ certification
- ISC2 Cybersecurity Certification (CC)
- Cloud-Specific Certs – AWS cloud practitioner or Microsoft SC-900
- Any AI Engineering or LLM Application Development certificate.
WHO YOU ARE
You are a builder who gets genuinely annoyed by doing the same manual task twice. You have a “system-first” mindset; when you see a repetitive ticket or a manual compliance check, your first instinct isn’t just to finish it, but to figure out how to script it out of existence. You are comfortable in the “messy middle” of a fast-growing company, where the rules for AI security are still being written, and you are excited to help write them.
You are deeply curious about the intersection of Security and Artificial Intelligence. You are the person reading up on OWASP top 10 for LLM, experimenting with RAG workflows and trying to understand how to make LLMs safer for everyone.
You are a clear communicator who can translate technical security concepts for a non-technical colleague. You are a lifelong learner who thrives in an environment where things move fast, the bar is high, and is constantly being challenged by a “better way to automate it”.
WHY STELLARALGO
- A genuinely interesting technical challenge: multi-tenant data infrastructure at scale, in a domain where the fans truly care
- A seat at the table as we define what AI-first engineering looks like for our team — not handed down mandates, but collaborative discovery
- Strong compliance posture (ISO 27001/27018/27701, SOC 2 Type II, GDPR) — we take data seriously and you'll have the support to do it right
- A team that values directness, ownership, and continuous improvement without the politics
- Competitive compensation and a flexible hybrid working model based in Calgary, AB. We're a team that believes in the power of live experiences. For those joining us from outside Calgary, we bring the full team together three times a year to foster meaningful connection, collaboration, and alignment.
The data is clear — diverse teams produce better outcomes. StellarAlgo is an equal opportunity employer committed to building an inclusive workplace. We actively seek candidates with unique perspectives and backgrounds and encourage applications from underrepresented groups in tech. We use AI tools at certain stages of our hiring process to support our reviewers, not to replace the human judgment and conversations that are central to finding the right fit.
