Cloud Security Developer

Posted last month

Apply Now

Resume Score

Check how well your resume matches this job before you apply.

Sign in to check score

About the role

  • Cloud Security Developer at nesto ensuring security of cloud infrastructure and applications. Collaborating with teams to implement and maintain robust security practices in a dynamic environment.

Responsibilities

  • Implement and maintain robust security controls to protect our cloud infrastructure and applications.
  • Discover, remediate, and validate security issues across the cloud infrastructure.
  • Conduct security-focused architecture and design reviews and provide timely, actionable requirements and recommendations.
  • Collaborate with security leadership, compliance teams, and engineering teams to execute security strategies.
  • Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Security Command Center, Azure Security Center, etc.
  • Propose and contribute to security and compliance improvements for nesto's CI/CD pipelines and deployment processes.
  • Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools such as Terraform or Pulumi.
  • Design and operate scalable processes to provision cloud access and maintain the principle of least privilege.
  • Participate in and support the detection and incident response process by improving observability and alerts, and assisting the incident response team.
  • Self-organize and prioritize activities autonomously.
  • Support first‑party security audits and security questionnaires.
  • Conduct and oversee security assessments and threat modeling exercises.
  • Implement security controls within Kubernetes.
  • Build DevSecOps tools and integrations.

Requirements

  • 5+ years of experience on an infrastructure- and/or security-focused team.
  • 5+ years of development experience (ideally GoLang, TypeScript/JavaScript).
  • Knowledge of common web application vulnerabilities and the OWASP Top 10 framework.
  • Ability to analyze and act on results from DAST and SAST tools (e.g., Tenable, Snyk).
  • Strong understanding of DevSecOps principles and familiarity with CI/CD pipelines (GitHub Actions, Argo CD, Azure DevOps) to perform automated security testing.
  • Experience deploying and customizing security tooling to address threats and reduce risk, including vulnerability scanners, static analyzers, web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and endpoint security monitoring.
  • Deep understanding of cloud and network security, including in-depth knowledge of Kubernetes.
  • Experience with GCP, specifically with one or more of the following services: Security Command Center, GKE, Cloud IDS, Cloud Armor, and Secrets Manager.
  • Experience with Azure, specifically with one or more of the following services: Security Center, Azure PaaS App Services, VMs, Azure SQL, Front Door, and Key Vault.
  • Experience writing infrastructure-as-code using tools such as Terraform, Pulumi, and Helm.
  • Familiarity with common security frameworks and benchmarks such as CIS, NIST, and MITRE ATT&CK.
  • Understanding of identity and access management (IAM) principles and cloud-native IAM solutions.
  • Passionate about continuous learning and knowledge sharing.
  • Bilingual in English and French.

Benefits

  • Employee mortgage program: exclusive preferred rates.
  • Comprehensive health coverage: best-in-class extended health, dental, and vision benefits with 100% prescription drug coverage.
  • Access to a group retirement savings plan (RRSP/DPSP) with competitive employer matching contributions.
  • Telemedicine and family support programs (supplemental benefits for maternity/parental leave).
  • Flexible workplace: fully remote or in one of our offices (Montréal, Quebec City, Toronto, etc.).

Job type

Full Time

Experience level

Mid levelSenior

Salary

Not specified

Degree requirement

Bachelor's Degree

Tech skills

AzureCloudGoogle Cloud PlatformJavaScriptKubernetesSQLTerraformTypeScriptVault

Location requirements

RemoteCanada

Report this job

Found something wrong with the page? Please let us know by submitting a report below.