Security Engineer

Security Engineer
Location: Montreal (day 1 onboarding onsite in-office presence required 3x/week)
12 Months Contract Position

The majority of profiles we have received so far were for candidates in SOC Analyst/SRE/L1-L2 Operations roles, with no development work experience, which is core requirement for our role.

Job Description/Skill Matrix to emphasize on the prior development work experience - candidates should have at least 5 years of prior development experience with python, hands-on with docker/podman and enterprise Kubernetes solutions (Openshift/Azure Kubernetes Services/EKS).

Currently hiring for 2 positions
Looking for 5+ yrs of exp with deploying applications to Python
Experience in Kubernetes and CI/CD Pipelines must have.
Knowledge in Scripting language like Python, PowerShell
Prefer basic concept of IAM but not required
Nice to have Prolog.
2 rounds of interview.
Open policy, styra Rego language
Security back ground candidate

We are seeking a security engineer to build the firm s next generation Policy Based Access Control (PBAC) solution. This role will reside within the firm s Cyber organization within the Identity & Access Management team. As part of IAM team, you will partner with internal infrastructure teams--integrating on-premise/cloud/SaaS solutions with this firmwide PBAC solution.

Responsibilities:

Collaborate with internal engineering teams to design PBAC (policy based access control) solution for infrastructure platforms and services.
Develop, test and deploy PBAC integration for both in-house developed and vendor products following policy-as-code and GitOps methodology.
Create detailed design documentation and present/articulate design decisions to internal governance forums.

Required Skills:

• A 4-year bachelor's degree majoring in Computer Science, Information Security, or a related field.
• Minimum 5 years of professional experience in Python development including hands-on with CI/CD pipelines, containerization tools like docker/podman and deploying applications to Kubernetes(Openshift/AKS).
• Experience with a declarative language like Prolog, Rego for policy-as-code implementations is a plus.
• Experience developing and implementing solutions using secure authentication protocols such as OIDC/ SAML and mTLS is a plus.
• Experience with shell scripting and SQL including database schema design with products such as PostgreSQL and MongoDB is a plus.
• Understanding of IAM cloud platforms such as those offered by Azure, AWS, GCP is a plus.

Desired Skills (Nice to haves):

Industry certifications (i.e. CISSP, CISM).
Cloud security certifications like Microsoft Certified Identity and Access Administrator Associate and/or AWS Certified Security - Specialty.
Savvy troubleshooting skills on a variety of different technologies (SQL, Linux OS utilities, PowerShell).
Experience with implementation of PBAC solutions for application authorization.
Experience with Sailpoint Identity Now or IdentityIQ IGA solutions.
Excellent technical documentation skills.