KUBRA is in growth mode and seeking a talented Platform DevSecOps Engineer to join our DevOps team!
In this role, you will design, build, and operate KUBRA’s Internal Developer Platform (IDP), empowering product teams to deliver, observe, and secure microservices with speed and reliability. This is a software-centric engineering position where you’ll leverage your expertise in Python/Go, Terraform, and Kubernetes to create self-service infrastructure and streamline automation. A key aspect of the role involves integrating and automating AWS managed security services, ensuring security is seamlessly built into the platform without compromising developer productivity.
This is a hybrid position based out of our office in Mississauga, Ontario.

WHAT SKILLS DO YOU NEED?

• 4 + years in Platform Engineering, DevOps or Software Engineering with demonstrable coding experience in Go or Python.
• Deep expertise with Terraform and Git‑Ops workflows.
• Hands‑on operation of Kubernetes and AWS networking.
• Proven track record automating at least one AWS managed service.
• Experience building in or supporting highly‑regulated environments (SOC 2, PCI‑DSS).

• Strengthen the configuration of security related aspects of the KUBRA HQ cloud platform environment including with focus on Kubernetes.
• To ensure success as a Platform DevSecOps Engineer, you should demonstrate experience and creativity in the following areas: Cloud Security, Application Security, Network Security, Systems Security, and Security Automation.
• Develop reusable Terraform modules and Kubernetes policies and templates that abstract cloud complexity.
• Enforce cluster‑wide security guard‑rails using Kyverno (or OPA Gatekeeper) policies, AWS IAM Roles for Service Accounts, network policies and Pod Security Standards.
• Automate policy testing, drift detection and remediation through Git‑Ops pipelines so every upgrade, add‑on or workload remains compliant.
• Automate build, test and release workflows using CircleCI and Argo CD; enforce policy as code and automated security scans.
• Support and improve IaC configurations for some AWS managed services such as AWS WAF.
• Implement security findings pipelines using event‑driven automation to various security tools; collaborate with Security Operations on remediation runbooks.
• Engage with product teams to collect feedback and evolve the platform backlog; run demos, write RFCs and maintain documentation.
• Champion best practices for resiliency, cost optimization and minimal‑friction security.
• Implement security controls and best practices across CI/CD pipelines.
• Provide security guidance to product engineering teams building software applications in compliance with industry standards in public cloud environments.
• Collaborate with development teams to implement secure coding practices.