81 Devsecops jobs in Canada

Rattaché au Chief Product & Technology Officer et intégrant une « squad agile », le DevSecOps participe aux projets IaC (infrastructure as code), au maintien en condition opérationnelle de leurs offres en Cloud privé et Cloud public et à la bonne gestion de leurs cycles de vie des environnements techniques liés à leurs solutions SaaS.

Tâches:

Supervision des plateformes privées et publiquesTroubleshooting et réponse aux ticketing entrantsGestion du cycle de vie et de la mise en production (CI/CD)Ecriture de code IaC (Ansible, Terraform, powershell, bash, python …)Relation avec nos cloud providers (IBM Cloud, Azure, AWS)Gestion des serveurs et ressources dans un environnement de dev (Azure DevOps)Surveillance, installation et maintenance de SGBD (MS SQL Server, MariaDB)Utilisations des outils de containerisation et orchestration (Docker, Kubernetes)Veille et documentationProjets liés à la sécuritéPropositions de solution techniques et d’évolution d’architectureIntégration dans une équipe agile (Daily meetings, revues techniques, etc.)

 Ton quotidien  :

Participation au Daily meeting matinal (15 minutes).Développement des nouvelles architecturesCréation des scripts d’automatisationSupervision des plateformesActions réactives et pro-actives pour garantir la bonne santé des plateformes et le respect de leurs SLARésolution de problèmes et réponses aux demandes entrantes (ticketing)Veille et recherche des solutions techniques / technologiquesEntraide avec les collègues développeurs et DevSecOpsEchanges éventuels avec l’équipe support clientEchanges avec Product Owner, Product Manager, Team Leader et Deputy Team LeaderParticipation aux [tech]talks (événement technique interne)Participation aux événements de Team Building et aux formations organisées

Il est possible selon ton profil, qu’en plus des missions de DevSecOps, celles de Team Leader ou Deputy Team Leader soient ajoutées.

Profil Une connaissance préalable approfondie de l’ensemble de toute la stack n’est pas demandée : Très bonne connaissance du monde Microsoft (Windows Server, Active Directory, Virtualisation,  Powershell)Maitrise du monde Linux (Ubuntu, RHEL, …)Compétences en supervision des SGBD (MS SQL Server, MariaDB)Ansible et TerraformUtilisation de Docker et KubernetesRabbitMQ, DaprConfiguration Cloud public et privée (Azure, AWS, IBM Cloud)Une première expérience avec une architecture micro-services serait un plusdàDiplôme en Informatique et 5 années d’expérience professionnelle minimum dans le domaine de l’administration de système, ou autour de sujets DevOps/DevSecOps.

Vous pouvez avoir une belle expérience sur Linux et un peu moins sur Windows, et vice-versa.

L’auto-formation, la veille technique et l’apprentissage au travers des échanges entre les collègues et fortement stimulée.

Informations contractuellesUn environnement de travail hybride: possibilité de faire presque 100% de télétravail !  Bureau Quartier Pointe-Saint-Charles Une assurance collective complèteUn programme de bonus annuel4 semaines de vacances.etc.Salaire estimé par notre cabinet à 90 000 - 100 000 $

Job Description

Job Description

Drive the integration of security practices to the software development and delivery process

As a developer in this team, you will build the tooling required to implement DevSecOps the best way possible for Coveo. On top of it, you will build and maintain multiple internal services that work together to support day to day security operations, like access management, continuous compliance or security testing. You will be collaborating with our entire R&D department to help them ship innovations faster and safer, by absorbing the complexity and making their life easier. All that, in the cloud, using the best providers out there. Do you have an idea that saves time for everyone else? Do it!

Here is a glimpse at your responsibilities:

• Own the security tools Coveo uses in both the continuous integration and continuous deployments pipeline
• Develop and support access management workflows to control and monitor access to infrastructure and applications.
• Push the envelope, find clever solutions to make Coveo reach its key objectives
• Participate in vulnerability management processes by triaging findings, managing exceptions, and helping ensure timely remediation
• Support compliance automation using tools to enforce standards across cloud infrastructure.
• Design, deploy, and maintain web application firewalls to protect Coveo from potential vulnerabilities.

Here is what will qualify you for the role:

• You are well versed in producing reusable code in Python, building robust and scalable systems.
• You have in-depth knowledge of best security practices in the context of software development.
• You have hands on previous Cloud service provider experience (ideally AWS), configuring and exploiting a variety of services, including Compute, Storage, Networking and Kubernetes
• You possess in-depth knowledge of DevOps tools and workflows, enabling seamless integration of security practices throughout the software development lifecycle.
• You have a track record of automating processes to reduce complexity for other developers.

Here is what would make you stand out:

• Bonus if you are proficient with Terraform for infrastructure-as-code, especially for security-related resources like IAM roles, secrets, etc.
• You have previous experience in managing one or more of the following: Anomalies and Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Security information and event management (SIEM).

Do you think you can bring this role to life?

You don't need to check every single box; passion goes a long way and we appreciate that skillsets are transferable.

Send us your application, we want to get to know you!

Join the Coveolife!

We encourage all qualified candidates to apply regardless of, for example, age, gender, disability, gaps in CV, national or ethnic background. We know that applying for a new role is a lot of work and we really appreciate your time.

The job title is subject to change based on internal practices or the organization's structure.

#li-hybrid

En tant qu'Analyste Processus DevSecOps, vous jouerez un rôle clé dans l'intégration de pratiques de sécurité au sein des pipelines DevOps. Vous serez responsable de l'analyse, de l'optimisation et de la mise en œuvre des processus de sécurité tout au long du cycle de vie de développement logiciel (SDLC). Travaillant en étroite collaboration avec les équipes de développement, d'opérations et de sécurité, vous assurerez la conformité aux normes de sécurité tout en maintenant l'agilité des livraisons.

Responsabilités :

• Analyser et documenter les processus actuels liés à la sécurité des infrastructures et des applications dans un environnement CI/CD.

• Intégrer des pratiques de sécurité dans les pipelines CI/CD (Jenkins, GitLab CI, Azure DevOps) pour assurer une automatisation complète de la sécurité (SecOps).

• Évaluer les vulnérabilités à travers des outils de sécurité tels que SonarQube, OWASP ZAP, Burp Suite, ou Nessus, et proposer des solutions d'atténuation.

• Collaborer avec les équipes de développement pour intégrer des contrôles de sécurité dans les phases de design, de développement et de test (Shift Left Security).

• Maintenir à jour et déployer des outils de surveillance et de gestion des menaces comme Splunk, Elasticsearch, et SIEM.

• Participer à la mise en place de politiques de gestion des accès et d'authentification (IAM, OAuth2, SAML, MFA) dans les environnements Cloud (AWS, Azure, GCP).

• Effectuer des revues de code sécurisées en utilisant des outils SAST et DAST (Static and Dynamic Application Security Testing).

• Contribuer à l'amélioration continue des procédures DevSecOps via l'utilisation d'outils d'automatisation et de scripts (Bash, Python, Terraform, Ansible).

• Veiller à la conformité aux normes de sécurité comme ISO 27001, SOC 2, et NIST en assurant un alignement avec les politiques internes.

Job Description

Job Description

Description de l'entreprise

Depuis plus de 10 ans, notre client  accompagne les entreprises dans la transformation de leurs pratiques DevOps , à travers trois leviers stratégiques : l’évaluation des processus, l’expertise-conseil et la formation sur mesure.

Rejoindre cette équipe, c’est intégrer une communauté dynamique qui valorise le partage de connaissances, l’automatisation et l’humain.

Description du poste

Le ou la spécialiste DevSecOps intégrera l’équipe dédiée à améliorer l’expérience des développeurs en facilitant l’accès aux ressources de plateforme de manière standardisée, conforme, sécuritaire et automatisée.

L’objectif est de favoriser l’autonomie des développeurs tout en réduisant leur charge cognitive et en optimisant leur efficacité. Le candidat travaillera en étroite collaboration avec les équipes d’architecture, de sécurité afin de garantir que les solutions proposées répondent aux exigences du client et qu’elles soient alignés avec les meilleurs pratiques de l’industrie.

Il sera chargé d’accompagner les équipes de développement pour soutenir l’adoption des services offerts, garantir leur qualité, et contribuer à l'évolution de notre maturité DevSecOps.

Tâches : 

• Développer et maintenir des tâches d’automatisation dans Azure DevOps pour optimiser les déploiements;
• Assurer la gestion, le support et la gouvernance du service Azure DevOps;
• Accompagner les équipes dans l’adoption des solutions proposées;
• Documenter les processus et promouvoir les normes et standards établis;
• Identifier les opportunités d’optimisation continue des services;
• Participer à l'amélioration de la qualité des livrables grâce à l’automatisation et à des pratiques DevSecOps solides.

Qualifications

• 5 à 10 ans d’expérience en développement logiciel et en automatisation DevSecOps;
• Maîtrise de Microsoft Azure DevOps;
• Compétent dans divers langages de programmation (TypeScript, Python, et PowerShell);
• Connaissance en intégration continue;
• Connaissance en automatisation des builds / déploiement;
• Expérience en assurance qualité;
• Capacité d’analyse et de diagnostic de problèmes techniques complexes;
• Expérience dans des environnements technologiques variés (applications sur site, solutions infonuagiques et multiples intégrations);
• Connaissances en Windows, Linux, AWS (CloudFormation);
• Familiarité avec ServiceNow et/ou Atlassian;
• Expérience ou notions en sécurité informatique, un atout.

Informations supplémentaires

• Solides habiletés en communication, influence et négociation;
• Sens aigu du service à la clientèle;
• Esprit d’équipe, collaboration interdisciplinaire;
• Capacité à gérer plusieurs priorités et projets en parallèle;
• Aisance à travailler sous pression;
• Ouverture au changement et volonté de faire évoluer les pratiques

Job Description

Job Description

Your Career

Data Theorem focuses on preventing application security (AppSec) data breaches. The main areas of security specialty include: API, Cloud, Mobile, Web, and Software Supply Chain. We are searching for exceptional talent pursuing an opportunity to grow and take ownership of the projects that resonate most with them.

As a Product Manager for Data Theorem you will be at the forefront of advancing security and protection of Cloud-Native Applications and APIs. This role demands a unique combination of technical acumen, security expertise, cloud knowledge, and the ability to build relationships with customers and across our organization. You'll play a pivotal role in shaping our security products, working closely with engineering teams to bring innovative offerings to the market. You will be responsible for supporting product strategy, feature prioritization, and product roadmap. In addition to your creativity, you will also rely on interaction with customers and partners to understand requirements and problems. You will be expected to deliver product capabilities that match Data Theorem’s level of innovation and go-to-market goals. You will be involved in all stages of the feature lifecycle (conception, definition, development, release and post-release activities) managing strategic planning, feature selection and tactical activities.

Our products help thousands of customers including DevOps and security engineers discover, test, fix, and avoid security issues that may impact their applications and prevent data breaches, and you will be instrumental in driving new features and efforts to completion.

Your Impact

• Support and contribute to the product strategy, planning, and operations.
• Share ownership in the product roadmap and priorities for engineering.
• Collaborate with stakeholders: GTM teams, backend, frontend, UX designers, and partners to ensure the execution and release of new customer-facing features.
• Feature prioritization and trade-off decision-making
• Market and competitive analysis, requirements development, business case, collateral, and product positioning.
• Work closely with Engineering teams to define product requirements and roadmaps - Translate complex technical concepts into actionable plans.
• Customer engagement and relationship development for executive briefings, product evangelism, and requirements gathering.
• Collaborate with GTM and Support teams to ensure successful product launches and market adoption - Be an advocate for the product internally and externally.
• Engage with customers to gather insights, validate concepts, and understand evolving needs in the application and cloud security landscape and continually improve the user experience.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Engineering, or related field.
• Minimum of 5 years of experience in product management (security, cloud or SaaS technologies preferred).
• Strong technical background with an understanding of security.
• Proven track record of managing all aspects of a successful product throughout its lifecycle.
• Excellent communication and leadership skills, with the ability to influence cross-functional teams.
• Demonstrated ability to think strategically and execute methodically.
• Experience with agile methodologies and software development principles.
• Desire to work in a fast-paced, start-up environment. 

 

Powered by JazzHR

B3rnMcRooq

Principal Cloud Security Engin.
Job Category: Engineering & Cloud
Location: Canada - BC - Remote
**Meet Our Team:**
**_Due to the nature of the work with Protected B, Canadian Citizenship is required._**
_Location: Remote-_ **_Pacific Time Zone Canada_**
Cloud Security Engineering (CSE) is responsible for designing, implementing, and maintaining security measures to protect organization's cloud infrastructure, applications, and data. We develop security policies, perform assessments, configure tools, and provide guidance to ensure secure cloud environments. CSE partners closely with the Cloud Service Reliability and Cloud Engineering teams to ensure every solution is secure, reliable, available, and observable.
**Picture Yourself at Pega:**
You will be part of a highly innovative company changing how companies work and optimize their outcomes. In this role you will be part of a highly collaborative team that is well versed and skilled in their space. You will be an adaptive/flexible change agent driving data driven decisioning while seeing the benefits of your hard work turn into business outcomes.
**Who You Are:**
- Implement security controls in AWS and GCP to protect against threats and vulnerabilities.
- Automate security tasks using scripting languages like Python or Ansible.
- Manage security incidents and respond to security alerts.
- Develop and maintain security policies and procedures.
- Provide solution to complex security problems and own its implementation.
- Provide security guidance to other teams within the organization.
- Stay up to date on the latest security threats and trends.
- Experienced with cloud technologies and well versed with AWS core concepts and services.
- Experienced with infrastructure-as-code tools such as Terraform and CloudFormation
- Experience with security tools and technologies like SIEM, IDS/IPS, and vulnerability scanners.
- Experience with CICD and source control tools (Jenkins, Git, Subversion etc.)
- Experience with SDLC and DevSecOps processes and technologies
- Familiarity with regulatory compliance frameworks.
- Proficient in scripting languages such as Python, Ansible, AWS Lambda
- Have knowledge of Linux operating systems and system administration
- Understand cloud security concepts and best practices
**What You've Accomplished:**
+ Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
+ 8+ years of experience in Cloud Security, with a focus on AWS or GCP.
+ Strong understanding of cloud security principles, policies, and best practices.
+ Experience with scripting languages like Python or Ansible.
+ Experience with DevOps tools and processes, including CI/CD pipelines, source code management, and containerization
+ Technical thought leadership (ability to perform an in-depth security analysis of a cloud environment)
+ Mentoring (ability to lead security projects and train others in new security technologies)
_Desired Qualifications_
+ Experience with log management and SIEM tools like Splunk or Google SecOps
+ Experience with container security and Kubernetes
+ Experience with infrastructure-as-code tools like Terraform and CloudFormation
+ Experience with building application that uses API integration
+ Certifications such as CCSP, AWS Certified Security Specialty, or GCP Professional Cloud Security Engineer
+ Knowledge of Windows OS and systems administration
+ Experience with Windows AD
+ Experience with AWS IAM management
**Pega Offers You:**
+ Gartner Analyst acclaimed technology leadership across our categories of products
+ Continuous learning and development opportunities
+ An innovative, inclusive, agile, flexible, and fun work environment
+ Competitive global benefits program inclusive of pay + bonus incentive, employee equity in the company#LI-KH2 KH2
Job ID: 21532
**AI in Action -** Pega embraces the power of artificial intelligence. We encourage all employees to actively engage with AI technologies and continually explore ways to responsibly integrate AI into our products and processes.
**Culture -** At Pegasystems, we foster an environment where people feel valued and empowered to contribute their best. With global clients across industries and regions, we know our success depends on the unique perspectives, experiences, and talents of our people. Ours is a workplace where everyone can grow, collaborate, and deliver meaningful outcomes.
We encourage candidates from all backgrounds and experiences and focus on the core competencies and mindset needed to thrive in a role.
As an Equal Opportunity employer, Pegasystems will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran or disability status, or any other category protected by law.
**Export Compliance -** For positions requiring access to technical data subject to export control regulations such as this, Pegasystems may need to obtain export license approval from the U.S. Government and EU Authorities for certain individuals.
**Accommodations -** If you require reasonable accommodations under the Americans with Disabilities Act (US only) or comparable regional regulations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process,or contact (US only) 1-888-PEGA-NOW and/or 225 Wyman Street Waltham, MA 02451 ATTN: Benefits.
It is Pega's policy to engage, recruit, hire, promote, train, discipline, and compensate in all job classifications, without regard to race, color, sex, religion, national origin, age, disability, sexual orientation, gender identity, veteran status, or any other category protected by law.