Cloud Security Developer at nesto designing and maintaining cloud security solutions. Collaborating with teams to ensure security and integrity of cloud infrastructure.
Responsibilities
Implement and maintain robust security controls to protect our cloud infrastructure and applications.
Discover, remediate, and validate security issues across cloud infrastructure.
Perform architectural/design reviews through a security lens and provide timely, actionable requirements and recommendations.
Collaborate with security leadership, compliance, and engineering teams to execute security strategies.
Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Command Center, and Azure Security Center, etc.
Propose and contribute to security and compliance improvements for nesto CI/CD pipelines and deployment processes.
Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools like Terraform or Pulumi.
Design and operate scalable processes to provision cloud access and maintain least privilege.
Participate in and support the incident detection and response process by enhancing observability and alerting and assisting the incident response team.
Self-organize and prioritize activities independently.
Support audits and first-party security questionnaires.
Conduct and oversee security assessments and threat modeling exercises.
Implement security controls within Kubernetes.
Build DevSecOps tools/integrations.
Requirements
5+ years of experience working on a team focused on infrastructure and/or security.
5+ years of development experience (ideally GoLang, TypeScript/JS).
Knowledge of common web application vulnerabilities and the OWASP Top 10 framework.
The ability to analyze and act on results from DAST and SAST tools (e.g., Tenable, Snyk).
Skilled in DevSecOps principles and familiarity with CI/CD pipelines (GitHub Actions, Argo CD, Azure DevOps) to perform automated security testing.
Experience deploying and customizing security tools to address threats and lower risk, including vulnerability scanners, static analyzers, web application firewalls (WAFs), intrusion detection/prevention systems (IDS/IPS), and endpoint security monitoring.
A comprehensive grasp of cloud and network security, including an in-depth understanding of Kubernetes.
Experience in GCP specifically with one or more of the following services: Security Command Center, GKE, Cloud IDS, Cloud Armor, and Secrets Manager.
Experience in Azure specifically with one or more of the following services: Security Center, Azure PaaS App Services, VMs, Azure SQL, Front Door, and Key Vault.
Experience writing infrastructure-as-code using tooling such as Terraform, Pulumi, and Helm.
Knowledge of common security-related frameworks and benchmarks like CIS, NIST, and MITRE ATT&CK.
An understanding of identity and access management (IAM) principles and cloud-native IAM solutions.
Passionate about constant learning and sharing knowledge with others.
Bilingual (English & French).
Benefits
Premium benefits plan fully paid by nesto, including comprehensive insurance and unlimited access to telemedicine and mental health services for you and your family.
4 weeks of vacation to ensure you stay at peak performance.
Access to the resources and tech you need to execute without friction.
The environment that makes you productive and enables teamwork (Hybrid model).
Senior Technology Architect (Cyber Security & Network Security) needed for a hybrid contract with the Ontario government. 10+ years experience required.
Security Advisor developing and overseeing security measures aligned with corporate goals at Desjardins Group. Diagnosing risks and advising on security policies and solutions.
Business Unit Security Officer conducting risk assessments for technology systems and applications. Collaborating with engineering teams and managing cloud - based security measures at Manulife.
Manager Cyber Cloud Security and AI at PwC protecting organizations from cyber threats. Leading cybersecurity strategy focused on AI security, team collaboration, and stakeholder engagement.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.