Location: Montreal
Bilingual: French/English
Security isn’t a bolt-on—it’s built in. We’re seeking a DevSecOps Engineer who brings a security-first mindset to modern software and infrastructure delivery. At CGI, you’ll work across teams to integrate security seamlessly into cloud-native workflows. You will collaborate with cross-functional teams and work hands-on in designing, building, and enhancing cloud-based architectures, engineering standards, and operational excellence strategies. This role will place you at the heart of innovation, where your deep technical knowledge and strategic thinking will have a tangible impact on both our clients and CGI’s future cloud initiatives. If you’re a proven leader in your field and ready to shape the future of cloud technology in a dynamic, client-facing environment, we want to hear from you. This is your opportunity to work with cutting-edge technologies, influence industry-leading transformations, and be part of a collaborative, innovative team at CGI.
Who are You?
You don’t just spot vulnerabilities—you prevent them. You automate checks, embed policy into code, and champion security from the first line of YAML. You’re as comfortable in a security review as you are in a pipeline file. You are a strong communicator, equally comfortable in high-level strategic conversations and low-level technical design discussions. You understand what it takes to bridge gaps between business goals and technical execution. With a mindset rooted in continuous learning, you champion modernization, automation, and pragmatic transformation. You are trusted by stakeholders for your sound judgment, admired by peers for your depth of knowledge, and valued by teams for your ability to elevate the work around you. At CGI, we recognize top talent and give it the space and support to thrive.

YOUR FUTURE DUTIES AND RESPONSIBILITIES

• Embed security into CI/CD workflows, IaC, and runtime environments. This includes close collaboration with teams to ensure best practices are shared and adopted.
• Implement scanning tools (SAST, DAST, secret detection) in pipelines. This includes close collaboration with teams to ensure best practices are shared and adopted.
• Work with developers to improve secure coding practices. This includes close collaboration with teams to ensure best practices are shared and adopted.
• Design and enforce security controls using cloud-native services. This includes close collaboration with teams to ensure best practices are shared and adopted.
• Collaborate with security, compliance, and DevOps teams on shared goals. This includes close collaboration with teams to ensure best practices are shared and adopted.

REQUIRED QUALIFICATIONS TO BE SUCCESSFUL IN THIS ROLE

• 3+ years in cloud security or DevSecOps roles. A commitment to continuous improvement and a drive to stay at the forefront of industry trends is essential.
• Hands-on with AWS, Azure, or GCP security tools. A commitment to continuous improvement and a drive to stay at the forefront of industry trends is essential.
• Knowledge of container and serverless security practices. A commitment to continuous improvement and a drive to stay at the forefront of industry trends is essential.
• Fluent in French and English. A commitment to continuous improvement and a drive to stay at the forefront of industry trends is essential.
• Strong scripting and automation skills (Python, Bash, etc.). A commitment to continuous improvement and a drive to stay at the forefront of industry trends is essential.

Proficiency with the following or similar technologies is required or strongly preferred:

• Security scanning and compliance tools integrated with CI/CD pipelines (e.g., SonarQube, Snyk)
• Secrets management tools (e.g., Vault, AWS Secrets Manager)
• DevOps toolchains supporting secure delivery (e.g., GitLab, Jenkins, Azure DevOps)
• Cloud security and compliance platforms (e.g., Azure Security Center, GCP SCC)
• Expertise in implementing DevSecOps pipelines using tools like GitLab, Jenkins, or Azure DevOps.
• Familiarity with secrets management tools like HashiCorp Vault or AWS Secrets Manager.
• Experience conducting threat modeling and security risk assessments.
• Knowledge of compliance frameworks (SOC2, ISO27001, GDPR).

LI-AB19