Key skills
AWSCloudGoogle Cloud PlatformKubernetesSDLCTerraformGCPGoogle CloudIAMCI/CD
About this role
Role Overview
- Own platform security and reliability improvements across our GCP environment.
- Harden identity and network controls in GCP (IAM patterns, service accounts and workload identity, organization policies, and network segmentation controls).
- Build security into CI/CD by implementing and enforcing scanning and policy controls (SAST, SCA, secret detection, and container/image scanning).
- Drive vulnerability management and supply chain risk reduction across services, dependencies, container images, and build pipelines.
- Lead threat modeling and security design reviews for new features and material architecture changes.
- Improve security observability and detection quality by tuning telemetry, reducing noise, and building high-signal detections and dashboards.
- Lead investigations and coordinate incident response for security alerts and incidents, and drive follow-ups from post-mortems into preventative improvements.
- Champion secure SDLC practices through standards, documentation, guardrails, and coaching for product engineering teams.
- Define and maintain end-user device security standards, including requirements for security agents such as EDR and remote access tooling, and partner with stakeholders for operational execution.
- Support compliance and audit readiness by conducting internal security reviews and helping align practices with frameworks and regulations (SOC 2, GDPR, NIST), including evidence support where needed.
Requirements
- 5+ years of relevant experience spanning cloud infrastructure and security (DevSecOps, platform security, security engineering, SRE with strong security focus).
- Deep hands-on experience with GCP (preferred) or AWS, including strong fundamentals in cloud networking and identity.
- Strong hands-on experience with Kubernetes and service networking.
- Strong Infrastructure-as-Code skills (for example Terraform) and the ability to build reusable, maintainable automation.
- Practical experience integrating security into CI/CD and engineering workflows, including scanners and policy enforcement.
- Experience with incident response: investigation, coordination, post-incident follow-through, and continuous improvement.
- Experience with vulnerability management and software supply chain risk.
- Comfortable partnering cross-functionally and driving work end-to-end in ambiguous areas.
Tech Stack
- AWS
- Cloud
- Google Cloud Platform
- Kubernetes
- SDLC
- Terraform
Benefits
- Competitive salaries with RRSP/401k matching and comprehensive medical, dental, and health insurance.
- A flexible time-off policy and the choice to work remote, hybrid, or from our Toronto HQ.
- Stipends for your home office setup and continuous professional learning.
- The opportunity to do high-impact work at a mission-driven organization.