DevSecOps Engineer

Role: DevSecOps Engineer.

Location: Brampton ON (Onsite).

Duration: Long Term Contract.

Job Summary:

• We are seeking a highly skilled and motivated DevSecOps Engineer to join our dynamic this role you will be instrumental in designing implementing and maintaining secure scalable and resilient cloud infrastructure across multiple platforms (AWS Azure OCI and GCP) using Infrastructure as Code (IaC) principles.
• You will champion security best practices throughout the software development lifecycle (SDLC) and automate infrastructure provisioning configuration management and embedding security controls at every stage.
• The ideal candidate will have deep expertise in Ansible and Terraform coupled with strong development skills and a passion for automation and security.

Key Responsibilities:

Infrastructure as Code (IaC) Development & Management:

• Design develop and maintain reusable Terraform modules and Ansible playbooks/roles for provisioning and configuring cloud resources across AWS Azure OCI and GCP.
• Implement and manage IaC pipelines for automated infrastructure deployment updates and decommissioning.
• Ensure IaC practices adhere to security policies compliance requirements and industry best practices.

Automation & CI/CD:

• Develop and enhance CI/CD pipelines for both infrastructure and application deployments integrating security best practices.
• Automate routine operational tasks security checks and compliance reporting .i.e. golden image baking.
• Script solutions for automation tasks using languages like Python bash and Ansible tool.

Cloud Security & Governance:

• Research for security best practices from vendor recommendations Implement and manage cloud security controls including IAM (roles policies service principals) network security (Security Groups NSGs WAFs) data encryption and secrets management.
• Define and enforce security policies and compliance standards (e.g. CIS Benchmarks SOC 2 NIST) using Policy as Code & IAC tools where applicable.
• Support security assessments and vulnerability scans on cloud infrastructure.
• Respond to and remediate security incidents and vulnerabilities.

Multi-Cloud Platform Expertise:

• Provide expert-level support and guidance for infrastructure on AWS Azure OCI and GCP.
• Design and implement secure and scalable network architectures (VPCs/VNets subnets routing load balancing DNS) in multi-cloud environments.
• Optimize cloud resource utilization and costs.

Collaboration & Mentoring:

• Collaborate closely with development operations and security teams to foster a DevSecOps culture.
• Provide technical guidance and mentorship to junior team members.
• Document infrastructure designs configurations and operational procedures.

Required Qualifications & Skills:

• Education: Bachelors degree in computer science Engineering or a related field or equivalent practical experience.

Experience:

• 5 years of experience in a DevOps SRE or Cloud Engineering role with a strong focus on security.
• Proven experience designing and implementing Infrastructure as Code solutions using Terraform in production environments across multiple cloud providers.
• Extensive experience with configuration management tools particularly Ansible.
• Deep understanding and hands-on experience with at least two major cloud platforms (AWS Azure OCI GCP) with a strong willingness to work across all four.

Technical Skills:

• Proficiency in scripting languages (e.g. Python Bash KQL PowerShell).
• Strong understanding of networking concepts (TCP/IP DNS HTTP VPNs Load Balancing Firewalls).
• Experience with containerization technologies (Docker Kubernetes) and their security aspects.
• Familiarity with CI/CD tools (e.g. GitLab CI Azure DevOps GitHub Actions).
• Experience with logging monitoring and alerting tools (e.g. Sentinel CloudWatch Azure Monitor).
• Solid understanding of security principles including IAM network security data encryption vulnerability management and incident response.
• Experience with secrets management tools (e.g. HashiCorp Vault AWS Secrets Manager Azure Key Vault).

DevSecOps Mindset:

• Passion for automating security controls and integrating security into the development lifecycle (Shift Left).
• Strong problem-solving and analytical skills.
• Excellent communication and collaboration abilities.
• Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:

• Relevant cloud certifications (e.g. AWS Certified DevOps Engineer Azure DevOps Engineer Expert OCI Architect Professional Google Professional Cloud DevOps Engineer).
• Security certifications (e.g. CISSP CCSP CompTIA Security).
• Experience with Policy as Code tools (e.g. Open Policy Agent Sentinel).
• Familiarity with serverless architectures and security considerations.
• Experience with GitOps practices.