The DevSecOps Chapter’s mission is to help all software squads adopt best practice software delivery mechanisms, ensuring they deliver secure, reliable and quality software as effectively as possible. Work with various internal and external teams consisting of architecture owners, enterprise and domain architects, business analysts and the entire Scrum team (the team) to deliver secure, scalable solutions that meet the organization's changing needs.
The DevSecOps Engineer is responsible for the implementation, maintenance and efficiency of CI/CD pipelines as well as several other reusable DevSecOps capabilities. They value simplicity and is willing to question technical constraints and procedures to achieve Agile delivery. A great DevSecOps is eager to get their hands dirty and use their imagination to help solve the biggest problems. The DevSecOps Engineer needs to work with various development squads to integrate quality scanners (such as SCA, SAST and DAST), code quality scanners, test automation tools, performance analysis tools. Your expertise is leveraged to continuously improve the performance, security and reliability of the software delivery systems.
Responsibilities
- Design, implement, maintain and improve CI/CD pipelines for several products, for multiple environments and multiple situations
- Work with the squad to integrate quality and security into the development process, making sure that security scanners, controls, policies and regulations are compliant.
- In collaboration with the security group, continuously evaluate and improve security processes and procedures to stay ahead of emerging cyber threats
- Work with the team to integrate test automation tools and mechanisms for various needs, such as unit testing, regression testing, API testing, UI testing and performance testing.
- Participate in developing reusable DevSecOps capabilities that other squads can adopt
- Make sure observability is implemented and connected to analyze and improve system reliability
- With the help of systems analysts and tech leads, continuously explore, analyze and propose solution to improve deployment speed and quality
- Work on the design, implementation and testing of the Infrastructure-as-Code deployment environment
- Read and transform tool reports so that they are in a readable format, integrated to the development process management platforms (such as Azure DevOps, Jira or ServiceNow)
- Gradually transfer DevSecOps knowledge to the squad members, to ensure that the team becomes cross functional.
- Mentor and coach the technical team about DevSecOps, and if applicable also with code reviews
- Proactively identify opportunities for process, systems, and other improvements.
- Monitor and analyze system logs, network traffic, and security events to help identify and respond to security incidents
Skills
- 5 years in Software Engineering
- Demonstrated and strong experience in agile projects on Azure DevOps, Azure Cloud Environment and SaaS Solutions
- Strong understanding of security practices like SCA, SAST, DAST, etc. and tools like Mend, Snyk, etc.
- Demonstrated and strong experience in agile projects on Azure DevOps, Azure Cloud Environment and SaaS Solutions
- Demonstrated experience on On-Prem environment with legacy software and DevSecOps solution for legacy software or ERP
- Strong knowledge of Terraform and Infrastructure as Code
- Strong knowledge of Azure DevOps pipelines (YAML) or similar
- Strong knowledge of version control software good practices and Git
- Strong knowledge of Azure and Azure Monitor
- Strong knowledge of the containerization principles such as Docker, Azure Containers and Kubernetes
- Strong knowledge of bash or Powershell or other scripting tools to automate actions
- Completed an Undergraduate Degree in Computer Science, Engineering or Management Information Systems or an equivalent combination of relevant education and work experience
- Relevant experience in agile delivery
- Strong Analytical ability with demonstrated application of technical problem solving and analytical tools and techniques. Ability to identify issues and risks and provide options analysis.
- Effective communication skills with ability to understand the squad’s priorities and propose technical decisions tied to priorities
- Bilingual in both official languages (French and English, Asset)
Job Type: Full-time
Schedule:
Ability to commute/relocate:
- Ottawa, ON: reliably commute or plan to relocate before starting work (required)
Experience:
- Software Engineering: 5 years (preferred)
- Azure: 5 years (preferred)
- Docker: 5 years (preferred)
- PowerShell: 5 years (preferred)
Language:
Licence/Certification:
- reliability security clearance (preferred)
Work Location: In person
