About the role

Lead the design and implementation of automated security pipelines (SAST/DAST/SCA), SBOM management, and security-as-code policies. Work with development teams to remediate vulnerabilities and harden Kubernetes and Azure environments.

Responsibilities

Design, implement, and maintain automated security pipelines: SAST, DAST, SCA, container scanning, and IaC scanning
Integrate security tools into existing CI/CD pipelines (Bitbucket Pipelines, Azure DevOps) without introducing excessive friction
Implement and manage an SBOM inventory
Automate vulnerability scanning of container images and third-party dependencies
Define and enforce security policies as code: quality gates, vulnerability thresholds, and configuration compliance
Establish security guardrails for AI agents used in development (GitHub Copilot, generative code tools)
Collaborate with development teams to rapidly remediate vulnerabilities detected in pipelines
Contribute to hardening Kubernetes and cloud (Azure) environments
Document DevSecOps security standards and provide training to development teams
Participate in security impact analyses for change requests

Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or a related field
3–5+ years of DevOps experience with a strong security focus, or experience in application security
Hands-on experience with CI/CD pipelines (Bitbucket Pipelines, Jenkins, Azure DevOps, GitHub Actions)
Practical experience with Kubernetes, Docker, and Azure cloud environments
Experience with application security tools: SonarQube, Snyk, Trivy, Checkov, or equivalents
Proficiency with Infrastructure as Code (Terraform, Ansible) and GitOps practices
Deep knowledge of Kubernetes orchestration platforms and container security
Proficient in scripting/programming for automation (Python, Bash, Go or similar)
Familiarity with security standards: OWASP Top 10, CIS Benchmarks, NIST SP 800-53
Understanding of SBOM concepts (CycloneDX, SPDX) and software supply chain security
Ability to communicate and explain security concerns to development teams in plain language
Fluency in French and English, both written and spoken — a functional level of English is required to participate in collaborative projects serving a pan-Canadian (or global) client base

Hybrid work model aligned with role requirements, with scheduled on-site presence
Vacation starting from the first year
Opportunities for internal advancement
Annual bonus
Group insurance plan (dental, vision, and travel insurance)
Defined-benefit pension plan
Employee wellness: $400 wellness allowance, Employee and Family Assistance Program (EFAP), and telemedicine service