Safe FleetRemote
Senior Cybersecurity Engineer
Canada
Full Time
2 weeks ago
$120,000 - $150,000 CAD
H1B Sponsor
Key skills
AzureCloudCyber SecurityDockerJenkinsLinuxIAMGitHubCloudflareJiraConfluenceCI/CDCollaborationSonarQubePenetration TestingCloud SecurityWAF
About this role
Role Overview
- Lead, manage, and perform ongoing cybersecurity activities and related tasks, ensuring alignment with the Director of Cloud Engineering, Cybersecurity, and Compliance.
- Lead, define, and implement the vulnerability remediation program for applications (software & firmware) and cloud infrastructure.
- Maintain end-to-end visibility on the overall impact of remediation efforts.
- Design and implement industry standard technical security measures for software and cloud infrastructure, leveraging frameworks such as GovRAMP/StateRAMP, NIST 800-53.
- Liaison with SOC Team for ensuring real-time and accurate monitoring and reporting of prevention and detection activities.
- Identify opportunities for improvement in collaboration with the SOC team.
- Provide recommendations for initiatives to enhance the company’s cybersecurity and operational resilience.
- Review architecture and make recommendations for improvements and new solutions.
- Spearhead and design the end-to-end execution of the company’s Recovery Strategy.
- Lead the implementation of robust containment and eradication strategy for the Azure cloud platform and hosted applications.
- Design the Incident Response Plan for isolation of potential issues, implement mitigation and hardening measures.
- Implement data loss prevention measures in Azure to protect sensitive information.
- Manage identity and authentication measures in Azure and identify mechanisms to enhance security.
- Recommend solutions to suit business requirements and enhance measures for encryption of data in transit and at rest.
- Support management in periodic reporting of the cybersecurity posture and provide necessary evidence for the ongoing audits.
- Advise on implementation of cloud security measures, IAM, WAF, and MS Defender policies.
- Prepare and maintain comprehensive security reports, logs, and documentation.
- Knowledge of embedding security into the CI/CD pipeline and development processes utilizing GitHub Advanced Security.
- Gathering and utilizing threat intelligence to proactively defend the environment.
Requirements
- 5+ years of experience in leading diverse cybersecurity initiatives from design through implementation and adoption for applications and cloud infrastructure (Azure).
- Experience with Microsoft Azure, GitHub Advanced Security, SonarQube, MS Defender for Cloud, Zscaler, Tenable
- Experience with Jenkins, GitHub, Docker, and general workflow of CI/CD pipelines.
- Windows, Cloudflare, Kali, Linux, (automation)
- Experienced conducting penetration testing for applications, networks, and cloud infrastructure.
- Experience with Hardware devices or components is a good to have.
- Experience in analyzing vulnerabilities, conduct assessments, evaluating the environment for potential threats and experience with providing and implementing remediation solutions is expected.
- Knowledge with SIEM (Microsoft Sentinel) and EDR tools (SentinelOne)
- Solid knowledge of IAM, WAF, vulnerability management, and incident response
- Knowledge of DevSecOps practices and CI/CD integration
- Experience with forensic tools and disaster recovery planning
- Exposure to threat intelligence platforms and third-party risk tools
- Familiarity with security frameworks (NIST, ISO 27001) and regulatory compliance
- Knowledge of NIST CSF or NIST 800-53 is good to have (partial adoption)
- Familiarity with Jira and Confluence is nice to have.
Tech Stack
- Azure
- Cloud
- Cyber Security
- Docker
- Jenkins
- Linux