Back to search
New Value Solutions Linkedin · Posted 6d ago

Security Engineer (ID#5228)

Vancouver

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

New Value Solutions, a national IT consulting company, is seeking a Security Engineer to join a DevSecOps team focused on security in SDLC. This will involve secure design review, threat modelling, secure code reviews, penetration testing, and security controls.


Responsibilities:


  • Perform threat modeling for identification and mitigation of security threats as part of product/application design and architecture.
  • Perform secure code reviews, secure design reviews, and penetration (black and white box) testing for applications/products.
  • Perform SCA/SAST/DAST analysis using industry tools, Embed the tools and security processes into CI/CD pipelines.
  • Create and maintain Azure security policy to ensure the secure deployment of cloud components/applications/platforms.
  • Perform design, development, integration, and sustainment of security building blocks that provide confidentiality, integrity, availability, authentication, and non-repudiation for software products built by DevOps teams.
  • Manage vulnerability management and risk management processes through the system development lifecycle (planning, design, development, testing, release)
  • Define the security controls, performs user stories for security consults for applications/product teams based on solution design and security requirements of a product.
  • Support security quality and assurance of products using various security test tools.
  • Perform validation and tuning of security testing tools to provide accurate and actionable results.
  • Coordinate with members of a DevOps team to provide guidance in the development and integration of secure design practices into the product development lifecycle.
  • Deliver training to DevOps developers on secure coding practices and hacking techniques to embed knowledge of security into the development process.
  • Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the security (confidentiality, integrity and availability) of business data related to the DevOps development lifecycle.
  • Ensure application and infrastructure architectural solutions are secure, and compliant with policies and standards.
  • Perform security monitoring of solutions through the development lifecycle and participate as a subject matter expert in security incident response scenarios
  • Cross train with other specialists, and coaching team members and other employees


Requirements:


  • 6+ years of experience in progressively complex Security Engineer roles.
  • Professional certification such as CISSP, CEH, or equivalent.
  • In-depth knowledge of SCA/SAST/DAST, Threat Modelling, Security controls across all layers of application infrastructure, and Penetration testing for web applications
  • Knowledge of AI technologies security design and controls.
  • Undergraduate degree in Computer Science or STEM field.


If you have the necessary expertise and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those shortlisted will be contacted.


ID#5228

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent