Data Engineer III

Job Title: Data Engineer III
Location: Toronto, ON (Hybrid)
Estimated Duration: 4 Months

Job Description:
We are looking for a detailed-oriented Cloud Security and AI Test Engineers to join our team. This individual will focus on automating and validating Compliance-as-Code (CaC) policies across multi cloud environments including GCP, Azure and AWS. In this role you will blend your expertise in cloud security with advanced AI tools to enhance compliance, security and test automation, ensuring continuous validation within multi cloud environments. 

Key responsibilities:
Automated testing for cloud policies

• Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations
• Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively
• Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps
• Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic 
• Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts
• Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions

Continuous Testing & CI/CD Integration

• Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates
• Automate security scanning and validation of terraform deployments with Python
• Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.

Cloud Security and Regulatory Compliance enforcement

• Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.
• Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2)

Reporting & Audit Readiness 

• Implement/test logging and monitoring solutions to detect compliance violations in real time.
• Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni
• Ensure that all Client Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.

MUST-HAVE Hard Skills:

• 5+ years in Cloud Security, DevSecOps, AI or Cloud Engineering roles
• Strong Knowledge of GCP, Azure, AWS.
• Jira and Confluence
• Proficient within Python
• CI/CD pipelines
• Proficient within Terraform

SOFT SKILLS:

• Strong communication skills (written and verbal)
• Strong interpersonal skills are required
• Self-motivated, well organized, able to work both independently and in a team environment
• Attention to detail and someone who is a self-starter and adaptable

NICE-TO-HAVE

• Cloud or DevSec Ops engineering certification are an asset
• Experience with Container security and Kubernetes policy enforcement
• Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes
• Cloud infrastructure as a code – Experience with Helm, ARM, JSON, YAML, REGO
• Banking or financial institution experience