Senior DevSecOps Engineer at Clearco improving cloud security, implementing CI/CD security, and ensuring compliance.
Responsibilities
Own platform security and reliability improvements across our GCP environment.
Harden identity and network controls in GCP (IAM patterns, service accounts and workload identity, organization policies, and network segmentation controls).
Build security into CI/CD by implementing and enforcing scanning and policy controls (SAST, SCA, secret detection, and container/image scanning).
Drive vulnerability management and supply chain risk reduction across services, dependencies, container images, and build pipelines.
Lead threat modeling and security design reviews for new features and material architecture changes.
Improve security observability and detection quality by tuning telemetry, reducing noise, and building high-signal detections and dashboards.
Lead investigations and coordinate incident response for security alerts and incidents, and drive follow-ups from post-mortems into preventative improvements.
Champion secure SDLC practices through standards, documentation, guardrails, and coaching for product engineering teams.
Define and maintain end-user device security standards, including requirements for security agents such as EDR and remote access tooling, and partner with stakeholders for operational execution.
Support compliance and audit readiness by conducting internal security reviews and helping align practices with frameworks and regulations (SOC 2, GDPR, NIST), including evidence support where needed.
Requirements
5+ years of relevant experience spanning cloud infrastructure and security (DevSecOps, platform security, security engineering, SRE with strong security focus).
Deep hands-on experience with GCP (preferred) or AWS, including strong fundamentals in cloud networking and identity.
Strong hands-on experience with Kubernetes and service networking.
Strong Infrastructure-as-Code skills (for example Terraform) and the ability to build reusable, maintainable automation.
Practical experience integrating security into CI/CD and engineering workflows, including scanners and policy enforcement.
Experience with incident response: investigation, coordination, post-incident follow-through, and continuous improvement.
Experience with vulnerability management and software supply chain risk.
Comfortable partnering cross-functionally and driving work end-to-end in ambiguous areas.
Benefits
Competitive salaries with RRSP/401k matching and comprehensive medical, dental, and health insurance.
A flexible time-off policy and the choice to work remote, hybrid, or from our Toronto HQ.
Stipends for your home office setup and continuous professional learning.
The opportunity to do high-impact work at a mission-driven organization.
Site Reliability Engineer focusing on maintaining and supporting Linux - based systems at HYVE Solutions. Collaborating with users and dev teams to ensure system stability and incident resolution.
Senior Software Engineer in DevOps at Conga, designing scalable cloud infrastructure for revenue lifecycle management solutions. Collaborating with teams to enhance CI/CD practices and operational excellence.
Senior technical leader responsible for designing cloud infrastructure and advancing DevOps practices at Conga. Collaborating with Engineering, Product, Security, and Operations teams to enhance software delivery.
Senior DevOps Engineer designing and implementing GenAI solutions at Financeit, driving innovation in financial operations. Collaborating with teams to leverage AI in solving complex problems.
Director, Release Train Engineer at Sun Life overseeing Agile Release Trains for digital products. Fostering Agile practices and enhancing end - to - end value delivery in a collaborative environment.
Release Manager managing end - to - end release process for data and BI. Collaborating with support teams for smooth go - lives and resolution of issues.
Senior Site Reliability Engineer managing reliability for a large scale SaaS platform. Leading incident response and improving infrastructure resilience with a global engineering team.
DevSecOps role to build and own the security function at Growe Talents, assessing security posture and implementing controls across the development lifecycle.
Site Reliability Engineer ensuring systems operate smoothly, quickly restore services during incidents, and minimize customer impact at PointClickCare. Designing and maintaining monitoring solutions to improve reliability.