I'm not a recruiter, I'm an engineer, a regular HNer for 5+ years and 2k+ karma. I'm external to the company, that's correct, because every contractor/freelancer actually is "external". I've been tasked with finding talent on dev forums and GitHub, earning a "finder's fee" for the extra-hours I'm doing. The offer and role has been depicted accurately and redacted with the input of all the team.

Management and lead engineers are available for backing up these claims. So far, he's refused to speak with the lead engineers for clarification.

We do know who this guy is. He's a front-ender that somehow misinterpreted a recommendation for reading about basic SPA security before the interview (XSS, CSRF, input sanitisation, etc) with a bait-and-switch tactic for an AppSec role. The requirements are clear: https://goo.gl/CXqBrQ. We need people building games and features, if you are security minded, it's a huge plus, that's all.

I've worked at companies that have offices in Toronto, Canada (where I currently live) while their main offices are abroad (US and Curaçao).

They seem to have have a lot of problems with us having different laws and regulations than them (eg: healthcare, holidays) and we're only one country. How does that work when everyone is from different countries?