Internal SecOps Engineer
We currently have an openingfor a SecOps Engineer position in Toronto Ontario Canada . Below youll find thedetailed job description.
This role offers fulltime employment withthe flexibility of 100% remote work . Howevercandidates must be situated within Canadian borders.
Responsibilities :
Monitor evaluate and maintain systems and procedures tosafeguard infrastructure databases and Webbasedsecurity.
Identify integrate monitor and improve infoseccontrols by understanding business processes. Assist in definingsecurity requirements and review of systems to determine if theyhave been designed to comply with established security standards.
Help in developing new standards as necessary.
Conductvulnerability assessments and monitor systems for potentialsecurity concerns. Design and configure infrastructure systems tohelp mitigate findings and improve security posture.
Assist with security architecture reviews and conduct threatmodeling exercises as new products and features are rolledout
Research security trends new methods and techniquesused in unauthorized access of data to preemptively eliminate thepossibility of a system breach.
Respond to alerts frominformation security tools and triage and analyze potentialsecurity issues
Troubleshoot security system and relatedissues.
Collaborate and maintain relationships withvarious engineering teams across the organization to communicateand remediate security issues in a timely manner
Educateengineering teams on security best practices and promote securityby design
Ensure compliance with regulations and privacylaws.
Skills Required :
Minimum 5years of experience working in security or relatedindustry
Proficient in one or more programming languagessuch as React Python Ruby etc.
Minimum 2 years of experience in secure coding / development
Effectivecommunication skills and experience collaborating with engineeringteams
Have a deep understanding of common Infrastructure security vulnerabilities
Demonstrated expertise in the Infrastructure security domain
Understanding of Infrastructure security in the context of SDLC and CICD
Experience working in all parts of the Infrastructurelifecycle
Effective in communicating securityvulnerabilities to key stakeholders
Cloud SecurityCertifications like AWS Certified SecuritySpecialty are preferred.