DevSecOps Engineer X 2

79357
Scarborough, ON
Contract
6 days ago

Position Title: DevSecOps Engineer
Location: Scarborough, ON
Duration: 6 months
             
Story Behind the Need
Business group: Our Client’s Information Security & Control (IS&C)’s Enterprise Security Services – Application Security is responsible to improve security practices and, through that, to find and preferably prevent security issues within applications.
Project: Cloud Native Application Protection Platforms (CNAPP) solution – Overlooking daily CNAPP applications, communicating with developers.
Understanding of Image scanning process helping development in pipelining data. Monitor the queue for exceptions. Get the necessary approvals.
Candidate Value Proposition: You will be instrumental in delivering the next generation security capability through a large-scale transformation effort at the Bank.
Typical Day in Role:
We are seeking a Cloud Security Engineer to join our Enterprise Security Services team. You are familiar with the DevOps space and have strong Cybersecurity and Cloud security knowledge and skills. In addition, you have strong communication and stakeholder engagement skills, allowing you to understand and implement Cloud Native Application Protection Platforms (CNAPP) solution and apply best practices.
Accountabilities
Collaborate with stakeholders across the Bank – you will work closely with development and engineering, DevOps, cloud, application security and other application owner teams across the organization to deliver Cloud Security capabilities for the Bank.
CNAPP Operation

  • Contribute to the success of our cloud transformation by supporting the Review and Triage of the findings flagged by CNAPP
  • Develop and/or enhance strategies and processes to manage the security vulnerabilities and threats for cloud native applications
  • Adhere to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate identified risks

DevSecOps Operation

  • Review and consolidate the DevSecOps processes and tools
  • Develop and/or enhance the strategies and processes to identify, analyze, and communicate cloud workload vulnerabilities as per the CISO Directives, technical standards and published communication process flows
  • Develop and/or enhance reporting to development teams and all levels of management in order to provide proper tracking and measurement of remediation relative to established objectives
  • Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions

Candidate Requirements/Must Have Skills:

  • 10+ years’ relevant working experience in IT (development, DevOps, cloud security etc.)
  • 3+ years’ experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc.
  • 3+ years’ experience as a DevSecOps Engineer, with demonstrated experience in security integration, automation of security processes, risk assessment and mitigation
  • 5+ years’ experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI

Nice-To-Have Skills:

  • 5+ years’ experience with documenting process, procedure, and user guide like a technical writer.
  • 3+ years’ experience with large organization cloud transformation – Top 5 Canadian banks

Soft Skills Required:

  • Excellent communication skill and good support skills for triaging and analysis of issues for all development teams
  • Proficient at collaborating with various stakeholders to achieve the objectives assigned

Education:

  • Undergrad or equivalent experience – valuing work experience more
  • GCP PCSE Certification will be asset

Best VS. Average Candidate:
Ideal candidate is very detail oriented, technical, analytical, and organized; strong DevSecOps Engineer who has worked in a tech company, startups in cloud transformation projects
Candidate Review & Selection
1 round – remote – Video Conference Call
1st – HM and one or two Senior Lead – 1 hour – technical interview focusing on security integration and vulnerability assessment knowledge and skills
Hiring Manager’s availability to interview: ASAP
 

The pay range that the employer reasonably expects to pay for this position is between CA$80.00 and CA$90.00

Our voluntary benefits offering includes medical, dental, vision and retirement benefits.

Applications will be accepted on an ongoing basis.

Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.

Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.

Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!

Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.

Open ears. Open minds. Open futures