Security Implementation Engineer (DevSecOps)
Security Implementation Engineer (DevSecOps)
Toronto, Ontario, Canada
This job allows you to work remotely
Our client is a global brand synonymous with Sports and Gaming. Their platform is home to millions of sports fans around the world and provides them with digital media and sports betting. Their app is the most popular of its kind in North America and delivers sports fans unique and highly personalized live scores, news, stats and betting information from their favourite sports teams, leagues and players. Their new betting app delivers a highly immersive mobile betting experience. They are a publicly traded company :)
As part of the team, you will be working with other smart, friendly and dedicated Developers, Product Managers, Systems/DevOps Engineers and designers that are determined to deliver the best apps the market as to offer. They will make you feel challenged and provide you with the full experience of what its like to work at a place this awesome.
Brief Overview of the Day to Day:
- Set up and manage vulnerability management lab
- Work with DevOps, IT and Engineering team in the implementation and integration of security solution across the organization
- Design and manage the implementation of security technologies in the organization
- Maintain and manage security tools, processes and technologies
More About You:
- Communicate exceptionally well with management, peers, and clients.
- Have high attention to detail and commitment to quality
- Ability to work effectively in a fast-paced, changing environment
- Excellent time management skills
- Excellent human-to-human relationship
Must Have Skills:
- You have a bachelor's degree in Computer Science, Electrical/Computer Engineering or related field.
- 7+ Years of experience in implementing technical controls to safeguard information systems against loss of confidentiality, integrity, availability, and privacy
- 7+ years in network and system engineering for on-premise, hybrid, and cloud solutions
- DevSecOps automation experience with tools such as Ansible, Puppet, Chef, Terraform, CloudFormation, Google Cloud Deployment Engine, and Compute API.
- Strong and in-depth knowledge of Kubernetes security in both on-premise and cloud environments, including GKE, EKS, and ECS.
- Experience with Azure Security Center, real-time security monitoring, observability, and experience with scanning tools like Splunk, DataDog, Nagios, CloudFlare, Nessus, Openvas, etc.
- CISA and/or CISSP certification is required, or must be in progress
- Strong knowledge of Cloud Security and technologies including GCP, AWS and Azure as well as on-prem technologies.
- Hands-on experience with Infrastructure as Code, Security Automation, and Implementation
- Strong knowledge of business continuity and disaster recovery planning and strategy and implementation in on-premise, cloud, and hybrid environments.
- Strong hands-on experience onboarding GCP, AWS, Azure, On-premise, and Kubernetes security and audit logs data to Splunk
- Knowledge of security observation, monitoring, logging, forensic investigation, advanced threat hunting, and alerting leveraging Datadog and Splunk.
- Knowledgeable in conducting Information Systems Security Audits.
- Experienced in DevSecOps culture, practices, methodologies, and automating security controls into CI/CD processes
- Strong knowledge of infrastructure as code, configuration management, and automation, Ansible, Terraform
- Knowledge of mobile applications, web applications, and systems vulnerability detection, rating, and remediation.
- Knowledge of Windows and Linux patch management and related security functions (authentication, encryption, SSL, Ciphers, etc.)
- Strong Knowledge of Application Security, SAST, DAST, IAST, RAST, testing, and remediation.
- Strong hands-on experience with Palo Alto Firewall and Cisco network devices.
- Excellent knowledge of Infrastructure Security in Nutanix and VMware systems (open to other security data protection) and platforms, storage and database -backup and recovery in GCP, AWS, and on-premise.
- Ability to set up a standard Vulnerability Management Lab to conduct Penetration Testing, Vulnerability Scanning, Observability, and Security Monitoring tools, etc.
- Ability to interpret and translate ISO 27000, NIST Framework, GLI-33 control objectives and implement cost-effective administrative, technical, and physical controls to achieve security objectives and continuously maintain compliance.
- Experience with information security frameworks and best practices (i.e CIS. NIST, PCI-DSS, PIPEDA, OWASP, ISO/IEC 27000, privacy regulations, etc.) combined with SOC 2, and SOC 2+ audit and certification.
- Excellent knowledge of Cyber Kill Chain, Zero Trust model, Offensive Security, and advanced persistent threat (APT) detection, containment, and eradication.
- Experienced in Security Incident Management Life-Cycle, security operations, and operations security
- Experienced in conducting information security threat modeling, quantitative and qualitative risk analysis, and ability to assign a dollar value to risk.
- Ability to collaborate with teams, understand security and systems solution requirements, decompose requirements into manageable units (work packages) and track project deviation from scheduled time-lines using earned value techniques up to closure.
- Excellent communication skills with the ability to convey complex technical information to various levels of the organization.
- Demonstrated problem-solving, capacity planning, and process creation skills
- Problem-solving, active listening skills combined with great attention to detail and lack of prejudice.
Nice to Have Skills:
- Knowledge of Computer Assisted Audit Techniques (CAAT)
- Experienced in information systems and security design, architecture, development, and integration combined with architectural tools such as SPARX and UML tools.
- Knowledgeable in ITIL, Agile, BABoK, and PMBoK project management practices and methodologies
- Experienced in Key Management Systems, Certificate Management, Hashicorp vault, Venafi, EJBCA, and knowledge of cryptology and cryptanalysis.
- Preferred certifications; CISSP, CCIE, CISA, CEH, CASE, CASS, CSSLP, GWEB, CCSP, RHCE, MCSE, AWS certifications (Security Specialty, DevOps, and Solutions Architect), and GCP certification (DevOps Engineer, and Solutions Architect)
- Programing languages elixir, Java, C#, and C++ with strong scripting experience in (Python, Bash, Powershell, etc)