Staff/Principal Security Engineer

Toronto/Vancouver

SUMMARY:

We are looking for someone who will apply their extensive knowledge of secure software development lifecycle practices, regulatory and standards based compliance, and the information security industry ecosystem to maintain and improve our client's security posture. The role will support and evangelize our client's heavy emphasis on security by providing expertise around architecture, design, and development of cloud and on-premise based applications, additionally providing mentorship and creating awareness through the use of security programs.

 

WHAT YOU'LL DO:

  • Define secure development lifecycle and related practices Lead, develop and implement security solutions at application and infrastructure level

  • Analysis and remediation for security gaps, vulnerabilities and incidents

  • Manage and execute all security audits and reviews both internally and externally

  • Perform threat analysis and modeling at application and infrastructure levels

  • Planning, road-mapping, and alignment of InfoSec programs to support our client's growing business needs

  • Support sales and customer success efforts on security needs and related topics

  • Create and document policies, procedures, and standards for both internal and external InfoSec measures and initiatives.  This includes but is not limited to meeting compliance and regulatory standards, certifications, managing audits, etc. 

  • Lead and influence decision making through cross-functional collaboration as it relates to InfoSec.

 

SKILLS/QUALIFICATIONS:

    • Passion for information security

    • Experience having developed product security within a secure development lifecycle for a SaaS product

    • Knowledge and expertise in securing production infrastructures for both on-prem and cloud deployments 

    • Experience with regulatory and standards based compliance (SOC 2, GDPR, ISO 27001,...)

    • Multi-cloud expertise (AWS, Azure, GCP)

    • Adaptability, creativity and interest for new challenges

    • Strong communication skills (oral, written and presentation)

    • Ability to communicate security/technology topics to non-technical audiences

    • 7+ years of experience in information security

    • Technical leadership and people management skills

    • Python proficiency

© 2020 DevTalent Inc. 

  • LinkedIn
  • Instagram
  • YouTube
  • Facebook