Job#: 3041766
Job Description:
SecDevOps Engineer
Client: Big 5 Bank
Location: Hybrid Downtown Toronto, Ontario
Terms: 1 year possibility of extension
Job Summary
We are seeking a highly skilled and hands-on SecDevOps Engineer with a strong development background to provide end-to-end DevSecOps support for a large mobile portfolio (front and back-end). This role is highly development-focused, requiring an engineer who can write, program, and maintain the code that powers our CI/CD pipelines, ensuring security is automated into every build.
Key Responsibilities:
- Pipeline Code Development:Write, script, and program robust and efficient CI/CD pipelines using tools like Jenkins and GitHub Actions. This role requires a heavy development mindset to ensure seamless operation from repository commit through to deployment.
- Security Scanning Automation:Integrate and manage security scanning tools (SAST and DAST frameworks, Fortify, etc.) directly into the build pipelines. Ensure all code and Docker images going into production are correctly and comprehensively scanned.
- End-to-End Delivery Assurance:Own the delivery function from a security and development perspective, focusing on ensuring scans are correctly run and that all builds are running against the correct set of validated While the team ensures scans are run, a separate team is responsible for the remediation and support of identified vulnerabilities.
- Operational Support & Improvement (Day-2 Support):Perform daily operational duties, including troubleshooting and supporting deployments for new features and older applications. This includes improving the existing pipeline architecture and assisting with new integrations and feature development support.
- Best Practices Evangelism:Ensure security best practices are actively applied and covered within the development and build processes across the supported application portfolio.
Required Technical Qualifications
- 3+ years of dedicated experience in a SecDevOps, DevSecOps, or Security Automation role.
- Strong Development/Programming focus within a DevOps context (experience writing code in pipelines is essential).
- Deep expertise in setting up, maintaining, and coding automation jobs in Jenkins and/or GitHub Actions.
- Hands-on experience integrating and utilizing industry-standard security scanning tools (SAST/DAST frameworks, Fortify).
- Experience with containerization security, specifically with Docker images.
- Working knowledge of security principles applied across mobile application lifecycles (front and back-end).
- Proficiency with CI/CD tooling (, Jenkins, GitLab CI, Azure DevOps, Harness).
- Expertise in Infrastructure as Code (IaC) tools, specifically Terraform or CloudFormation.
Apex pay scales are determined by role, experience, skill set, and location. For this new position, the estimated hourly range is provided below as a guideline; however, total compensation may vary based on individual circumstances.
- Role Type: Current opening
- Location: Ontario
- Hourly Range: $40-60
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.
Everforth Apex Benefits Overview: In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA.