Information Security Specialist (DevSecOps)
TD•Toronto, ON
•CA$114,000 - CA$136,800•Onsite
About The Position
This role is hands-on and very technical, focusing on integrating security into the DevOps pipeline. The specialist will be responsible for building and automating security touchpoints within CI/CD tools like Jenkins and GitHub Actions/Workflows. The position requires a strong understanding of development methodologies, secure software development lifecycles, and application security testing. The role also involves participating in projects of moderate to high complexity, acting as a subject matter expert, and providing guidance on reporting, analysis, and assessments.
Requirements
- Strong Python scripting ability – proficient in Python.
- Experience with Jenkins and GitHub Actions/Workflows.
- Understanding of configuring and leveraging a CI/CD orchestration tool within an organization.
- Understanding of development methodologies and secure software development lifecycle.
- University Degree.
- Demonstrated ability to participate in projects of moderate to high complexity.
- Ability and commitment to serve as a subject matter expert on business-specific, cross-functional and enterprise initiatives.
- Readiness to participate in projects of moderate to high complexity and provide guidance around complex reporting, analysis, and assessments at the functional, business line or enterprise level.
- Developer experience and understanding of development processes with modern programming/scripting languages.
- Knowledge and understanding of application security testing (DAST, SAST, SCA, etc.).
Nice To Haves
- 7+ years of relevant experience within any of the following areas: Development, DevOps/DevSecOps, or Application Security.
- Ability to triage and review technical security vulnerabilities and findings.
- Information Security Certification / Accreditation.
- Firm commitment to staying informed and abreast of emerging security issues, industry trends etc.
- Advanced knowledge of one or more technology controls or security domains, disciplines, and practices.
- Experience with information security controls, policies, processes, and industry standards.
- Strong Application Security knowledge (OWASP Top Ten, CWEs, etc.)
Responsibilities
- Build and automate security touchpoints within Jenkins and GitHub Workflows.
- Configure and leverage a CI/CD orchestration tool within an organization.
- Participate in projects of moderate to high complexity.
- Serve as a subject matter expert on business-specific, cross-functional, and enterprise initiatives.
- Provide guidance around complex reporting, analysis, and assessments at the functional, business line, or enterprise level.
- Triage and review technical security vulnerabilities and findings.
Benefits
- Base salary
- Variable compensation
- Health and well-being benefits
- Savings and retirement programs
- Paid time off
- Banking benefits and discounts
- Career development
- Reward and recognition programs
- Training programs
- Competitive benefits plan
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
