Développeur·se DevSecOps - DevSecOps Developer
About The Position
We're seeking a DevSecOps Developer to join our team and integrate security into development pipelines, cloud infrastructure, and engineering practices across client environments. In this role, you will design and implement security controls directly into CI/CD pipelines, automate vulnerability scanning, harden cloud infrastructure, and collaborate with development and operations teams to embed security early in the development lifecycle. You will work alongside senior security practitioners and client teams to build environments that are secure, reliable, and compliant. Note that while we specialize in healthcare and regulated industries, not all our projects are in these fields, so you may work across different domains from time to time.
Requirements
- 5+ years of experience in software development, DevOps, or application security
- Hands-on experience with AWS or Azure infrastructure and infrastructure-as-code tools (Terraform, CloudFormation, or equivalents)
- Strong experience with CI/CD pipelines (GitHub Actions, ArgoCD, Jenkins, or equivalents) and integrating security tooling into deployment workflows
- Deployed and administered Okta or similar identity providers (Azure AD, Google Workspace), including SSO, MFA, SCIM provisioning, and access governance
- Familiar with security best practices for cloud infrastructure, including network security, IAM, encryption, and vulnerability management
- Familiar with compliance frameworks such as SOC 2, HIPAA, ISO 27001, or equivalents
- Excellent communication skills and can explain security and infrastructure concepts to varied audiences
- Adaptable, self-directed, and comfortable in dynamic client environments
Nice To Haves
- Experience in client-facing roles such as consulting, implementation engineering, or advisory work
- Worked in healthcare or other heavily regulated industries
- Experience with container security, Kubernetes, or cloud-native security tools (Falco, OPA, Trivy, or equivalents)
- Built security automation using scripts (Python, Bash) or workflow tools (Okta Workflows, Tray.io, Workato)
- Experience with MDM / endpoint management solutions and device security policies
- Hold relevant certifications (AWS Security Specialty, CKS, CISSP, or similar)
Responsibilities
- Integrate static analysis (SAST), software composition analysis (SCA), and container image scanning tools into deployment pipelines; automate security checks in GitHub Actions, ArgoCD, or equivalents.
- Implement and maintain security controls across AWS or Azure environments using infrastructure-as-code tools (Terraform, CloudFormation, or equivalents), including IAM policy management, network hardening, and vulnerability management.
- Design and administer secure IAM architectures, including SSO, MFA, SCIM provisioning, and access governance, working with identity providers such as Okta and Azure AD.
- Build automations for configuration drift detection, remediation, and compliance monitoring; contribute to SOC 2, HIPAA, and ISO 27001 programs.
- Lead specific security workstreams or own client-facing deliverables with growing autonomy.
- Document security architectures and procedures, assist with internal tools and standards, participate in knowledge-sharing activities and interview.
Benefits
- Home office/technology budget
- Yearly professional development budget
- Company matching RRSP after 1 year
- 100% employer-paid health & dental insurance including a yearly bank of coverage for complementary medicine (Acupuncture, osteopathy, massage therapy, naturopathy, psychology, etc.)
- Life, long & short-term disability insurance
- Parental leave top-up (8 weeks), available to employees with 1+ year of tenure, regardless of path to parenthood.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
