Cloud Security Developer at nesto ensuring security of cloud infrastructure and applications. Collaborating with teams to implement and maintain robust security practices in a dynamic environment.
Responsibilities
Implement and maintain robust security controls to protect our cloud infrastructure and applications.
Discover, remediate, and validate security issues across the cloud infrastructure.
Conduct security-focused architecture and design reviews and provide timely, actionable requirements and recommendations.
Collaborate with security leadership, compliance teams, and engineering teams to execute security strategies.
Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Security Command Center, Azure Security Center, etc.
Propose and contribute to security and compliance improvements for nesto's CI/CD pipelines and deployment processes.
Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools such as Terraform or Pulumi.
Design and operate scalable processes to provision cloud access and maintain the principle of least privilege.
Participate in and support the detection and incident response process by improving observability and alerts, and assisting the incident response team.
Self-organize and prioritize activities autonomously.
Support first‑party security audits and security questionnaires.
Conduct and oversee security assessments and threat modeling exercises.
Implement security controls within Kubernetes.
Build DevSecOps tools and integrations.
Requirements
5+ years of experience on an infrastructure- and/or security-focused team.
5+ years of development experience (ideally GoLang, TypeScript/JavaScript).
Knowledge of common web application vulnerabilities and the OWASP Top 10 framework.
Ability to analyze and act on results from DAST and SAST tools (e.g., Tenable, Snyk).
Strong understanding of DevSecOps principles and familiarity with CI/CD pipelines (GitHub Actions, Argo CD, Azure DevOps) to perform automated security testing.
Experience deploying and customizing security tooling to address threats and reduce risk, including vulnerability scanners, static analyzers, web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and endpoint security monitoring.
Deep understanding of cloud and network security, including in-depth knowledge of Kubernetes.
Experience with GCP, specifically with one or more of the following services: Security Command Center, GKE, Cloud IDS, Cloud Armor, and Secrets Manager.
Experience with Azure, specifically with one or more of the following services: Security Center, Azure PaaS App Services, VMs, Azure SQL, Front Door, and Key Vault.
Experience writing infrastructure-as-code using tools such as Terraform, Pulumi, and Helm.
Familiarity with common security frameworks and benchmarks such as CIS, NIST, and MITRE ATT&CK.
Understanding of identity and access management (IAM) principles and cloud-native IAM solutions.
Passionate about continuous learning and knowledge sharing.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.