Security Engineer (ID#5228)

Get AI-powered advice on this job and more exclusive features.

This range is provided by New Value Solutions. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

CA$70.00 / hr - CA$90.00 / hr

New Value Solutions, a national IT consulting company, is seeking a Security Engineer to join a DevSecOps team focused on security in SDLC. This will involve secure design review, threat modelling, secure code reviews, penetration testing, and security controls.

Responsibilities

• Perform threat modeling for identification and mitigation of security threats as part of product / application design and architecture.
• Perform secure code reviews, secure design reviews, and penetration (black and white box) testing for applications / products.
• Perform SCA / SAST / DAST analysis using industry tools, embed the tools and security processes into CI / CD pipelines.
• Create and maintain Azure security policy to ensure the secure deployment of cloud components / applications / platforms.
• Perform design, development, integration, and sustainment of security building blocks that provide confidentiality, integrity, availability, authentication, and non-repudiation for software products built by DevOps teams.
• Manage vulnerability management and risk management processes through the system development lifecycle (planning, design, development, testing, release)
• Define security controls, perform user stories for security consults for applications / product teams based on solution design and security requirements of a product.
• Support security quality and assurance of products using various security test tools.
• Perform validation and tuning of security testing tools to provide accurate and actionable results.
• Coordinate with members of a DevOps team to provide guidance in the development and integration of secure design practices into the product development lifecycle.
• Deliver training to DevOps developers on secure coding practices and hacking techniques to embed knowledge of security into the development process.
• Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the security (confidentiality, integrity and availability) of business data related to the DevOps development lifecycle.
• Ensure application and infrastructure architectural solutions are secure, and compliant with policies and standards.
• Perform security monitoring of solutions through the development lifecycle and participate as a subject matter expert in security incident response scenarios.
• Cross train with other specialists, and coach team members and other employees.

Requirements

If you have the necessary expertise and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those shortlisted will be contacted.

#J-18808-Ljbffr