Job Title: Security Engineer
Location: Montreal (Hybrid role: 3 days onsite, 2 days remote)
Contract Duration: 1 year
We are seeking a Security Engineer to build the firm's next-generation Policy Based Access Control (PBAC) solution. This role will reside within the firm's Cyber organization within the Identity \& Access Management (IAM) team. As part of the IAM team, you will partner with internal infrastructure teams, integrating on-premise/cloud/SaaS solutions with this firmwide PBAC solution.
Responsibilities:
- Collaborate: Work with internal engineering teams to design PBAC solutions for infrastructure platforms and services.
- Develop and Deploy: Develop, test, and deploy PBAC integrations for both in-house and vendor products using policy-as-code and GitOps methodologies.
- Documentation: Create detailed design documentation and present design decisions to internal governance forums.
Required Skills:
- Education: A bachelor's degree in Computer Science, Information Security, or a related field.
- Experience: At least 5 years of professional experience in Python development, CI/CD pipelines, containerization tools like Docker/Podman, and deploying applications to Kubernetes (Openshift/AKS).
- Policy-as-Code: Experience with declarative languages like Prolog or Rego is a plus.
- Authentication Protocols: Experience with secure authentication protocols such as OIDC/SAML and mTLS is a plus.
- Scripting and SQL: Experience with shell scripting and SQL, including database schema design with PostgreSQL and MongoDB, is a plus.
- Cloud Platforms: Understanding of IAM cloud platforms like Azure, AWS, and GCP is a plus.
Desired Skills (Nice to haves):
- Certifications: Industry certifications like CISSP, CISM, and cloud security certifications such as Microsoft Certified Identity and Access Administrator Associate or AWS Certified Security - Specialty.
- Troubleshooting: Strong troubleshooting skills across various technologies (SQL, Linux OS utilities, PowerShell).
- PBAC Implementation: Experience with implementing PBAC solutions for application authorization.
- Identity Solutions: Experience with Sailpoint Identity Now or IdentityIQ IGA solutions.
- Documentation: Excellent technical documentation skills.
