Cybersecurity Engineer

at  GS1 Canada

DESCRIPTION

This is your opportunity to play a pivotal role in the evolution of GS1 Canada’s technology platform, transforming it into a cloud-based, modernized, and secure infrastructure. As a Cybersecurity Engineer, you will evaluate, design, test, and implement industry-leading cybersecurity principles and practices to safeguard data assets processed, stored, or transmitted within the GS1 Canada environment. This role focuses on defining and maintaining cybersecurity reference architectures and standards across all environments, including private and public cloud platforms.
Are you ready to elevate your expertise? Beyond day-to-day security tasks, you will drive the maturity of our security program and contribute to strategic and tactical initiatives that align with GS1 Canada’s cloud-first vision. You’ll collaborate with multidisciplinary teams to design innovative security solutions, protect critical systems, and integrate robust safeguards across cloud infrastructures.
As part of the Cybersecurity Team, you will act as the critical liaison between security operations and cloud infrastructure, development, and support teams. This role offers the opportunity to tackle advanced security challenges, uphold the highest integrity, and leave a lasting impact on the organization while fostering growth and learning in a collaborative and passionate environment.

REQUIRED KNOWLEDGE, SKILLS & EXPERIENCE

• 5+ years of experience as a Cloud Security Specialist or similar role.
• Expertise in cloud-based security solutions and automation for enterprise environments with strong expertise in Azure.
• Possess recognized security certifications such as CCSP, SSCP, CISSP, or cloud-specific credentials is required
• Apply in-depth knowledge of network and application security, infrastructure hardening, and CI/CD security processes.
• Strong knowledge of security tools such as IAM, SIEM, IDS/IPS, SAST, and IAST to enhance security operations.
• Previous experience in implementation of authentication and authorization standards, including OAuth, OpenID, and SAML.
• Ensure compliance with security frameworks like CSA, ISO 27017, and other relevant standards.
• Ability to provide leadership in security engineering, secure software development, and security operations across the organization.
• Proven ability to leverage expertise in identity federation, certificate management, and baseline security controls.
• Strong communication skills with technical and non-technical audiences to develop strategies, policies, standards and awareness.
• Effectively prioritize competing tasks, collaborate across disciplines, and build strong teams to achieve deadlines.

• Assess, design, and implement security controls, configurations, patches, and compensating measures for endpoints, servers, and networking equipment.
• Ensure vulnerability management through tracking, hardening, patching, scanning, reporting, and pen-testing.
• Conduct security reviews, provide guidance on secure coding practices, and perform Static and Dynamic Application Security Testing (SAST & DAST).
• Collaborate with development and QA teams to integrate secure coding practices and bolster cloud security across AWS, Azure, containers, and Infrastructure-as-Code (IaC).
• Maintain compliance with standards such as NIST, SOC2, ISO 27017, and OWASP.
• Support incident response efforts, manage postmortem analyses, and recommend preventative measures.
• Manage security tools, including Web Application Firewalls (WAF), and perform application, API, and database vulnerability assessments.
• Lead the Application Security Program and implement security solutions to meet compliance and audit requirements.
• Engage in DevSecOps practices and provide training to foster a security-conscious culture.
• Collaborate with IT and stakeholders to establish risk management strategies and enhance Endpoint, Network, and Security Monitoring.
• Investigate and resolve security violations while recommending security architecture improvements.
• Document and automate security processes for public/private cloud and SaaS environments. Collaborate with DevOps teams to integrate security into CI/CD pipelines and maintain robust processes.