about 8 hours ago
Toronto, CanadaMid Level / Senior
H1B Sponsor
Responsibilities
- Implement and manage DevSecOps practices across the Software Development Lifecycle.
- Design and harden CI/CD pipelines using tools like GitHub Actions.
- Integrate and enforce security checks such as SAST and dependency scanning.
- Secure cloud infrastructure on GCP by implementing least privilege principles.
- Manage encryption and key rotation using Cloud KMS.
- Oversee container and artifact hardening for supply chain integrity.
- Ensure application code follows secure coding best practices.
- Monitor CI/CD pipelines and production environments for security events.
- Maintain documentation for compliance frameworks like SOC 2 and ISO 42001.
- Assist in developer infrastructure work in a full-stack environment.
Requirements
- 4+ years of experience in DevSecOps or Security Engineering.
- Bachelor’s degree in any engineering discipline; Computer Science preferred.
- Experience securing cloud environments, preferably GCP.
- Strong practical experience with CI/CD systems hardening.
- Proficiency in security practices for application development.
- Familiarity with compliance standards like SOC 2 and PCI DSS.
- Ability to handle a fast-paced startup environment.
- Strong verbal and written communication skills.