Application Security Engineer - DevSecOps
at Global Spatial Technology Solutions
Montréal, QC, Canada -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 19 Jan, 2025 | Not Specified | 21 Oct, 2024 | N/A | Cloud Services,Bash,Ecr,Communication Skills,Routing,Sh,Azure,Auditing,Docker,Firewalls,Shell Scripting,Security,Ecs | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
WHAT WE DO
Global Spatial Technology Solutions (GSTS) is a Global Maritime Intelligence company delivering solutions to enhance decision making across the maritime and logistics industry. Our platform, OCIANA, is designed to save lives, energy and the environment on a global scale using innovative data collection and analysis techniques.
GSTS is building up a team to support the continued development and commercialization of this capability that will have a major impact on maritime risk and vessel efficiency on a global scale. We seek individuals with drive, initiative, and motivation to join our team and make the world a safer, greener place for all. Read more at: www.gsts.ca
EXPERIENCE & QUALIFICATIONS
- At least three (3) years of experience with AWS Cloud services, including VPC, Guard Duty, Security Hub, Control Tower, ECS (Fargate), ECR, RDS, IAM, CloudWatch (Logging, Metrics, Alarms)
- Experience in security scanning as a function of CI/CD: SAST, DAST, License auditing
- Experience in developing Continuous Integration / Continuous Delivery pipelines
- Experience in shell scripting (Bash or sh)
- Strong hands-on knowledge of AWS CloudFormation
- Clear understanding of networking technologies including Routing, Load Balancers, Firewalls, WAF, CDNs and DNS
- Proficient in scripting Git/GitLab workflows
- Experience working with containerization tools including Docker and Elastic container service
- Excellent spoken and written communication skills
ADDITIONAL SKILLS AN ASSET
- Experience with other cloud platforms: Azure, GCP
- Experience managing Machine Learning / AI deployments
- Experience in Agile / scrum environments
- Penetration testing experience
- Security practitioner certification
- Valid security clearance held
Responsibilities:
THE ROLE
As Application Security Engineer – DevSecOps, you will be a core member of the GSTS Operations team, jointly responsible for leading the ongoing security, maintenance and development of cloud infrastructure and deployment automation. You will be part of a team that manages platform security as a key priority, involving configuration management activities for the core software products of GSTS. The role requires the capability to automate security and audit activities in relation to code deployment, cloud provisioning, and maintenance actions. You will also manage monitoring and alerting infrastructure that measures the health and security of deployed products. As Application Security Engineer - DevSecOps, you will be key in achieving deployments and infrastructure that meets security and compliance objectives. Your ability to influence policies, document processes, and perform knowledge sharing will be crucial to the role, allowing you to effectively communicate notions of security and identify necessary controls to mitigate risks.
KEY RESPONSIBILITIES
As a member of the GSTS team, Application Security Engineer - DevSecOps will:
- Implement security practices on AWS cloud configurations, and product development and deployment pipelines
- Maintain security testing infrastructure, including CI/CD jobs and ongoing monitoring software configurations
- Participate and host Security Team activities, including simulated incidents and auditing
- Configure and secure network infrastructure to support safe software product delivery
- Support the broader team in developing secure images to underpin containerized deploys
- Participate in Agile rituals throughout the execution of work
- Develop clear and concise documentation of their work, through team interactions in issues/tickets and in contribution to project and audit reporting.
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Montréal, QC, Canada