DevSecOps Engineer

KUBRA • Mississauga • 2d ago

Join KUBRA's dynamic team as a DevSecOps Engineer! We are on the lookout for a passionate professional to spearhead the integration and maintenance of robust security measures across every stage of our software development lifecycle. Your expertise will be crucial in fortifying the confidentiality, integrity, and availability of KUBRA’s cutting-edge public cloud and Kubernetes-based platform.

In this pivotal role, you will collaborate with our talented DevOps team and cross-functional departments to ensure that our architectural strategies, controls, and processes are not only fit for purpose but elevate the enforcement of KUBRA's security policies. Your efforts will also ensure compliance with industry-recognized standards such as SOC2 and PCI-DSS. Let's innovate and secure the future together at KUBRA!

This is a HYBRID position with our office located in Mississauga, ON.

What you get to do everyday!

Implement security controls and best practices across CI/CD pipelines
Ensure vulnerability assessments (including DAST and SAST) are part of every SDLC step.
Provide security guidance to product engineering teams building software applications in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
Collaborate with development teams to implement secure coding practices
Implement measures to improve security of software supply chain
Develop best practices and security standards for KUBRA Cloud Platform
Work with KUBRA Risk and Compliance team to support risk assessments by proactively providing mitigations to identified risks
Work with KUBRA Security team to build appropriate threat models for KUBRA Cloud Platform services
Maintain vulnerability and patch management processes inline with KUBRA security policy
Work with KUBRA Security Operations team for incident response as necessary
Identify opportunities and arrange for updated security training for KUBRA DevOps and Cloud Platform Engineering teams when appropriate

What kind of person you should be!

You practice ‘Security as Code’ to ensure security baked in and automation.
Highly organized and responsible.
Maintain awareness of trends and changes in the Cybersecurity industry and threat landscape.
Excellent written and verbal communications skills and an ability to maintain a high degree of professionalism in all client communications.
Ability to influence others, build relationships, manage conflicts, and handle negotiations.
Understanding and following the business strategy, objectives, and adjusting to performance metrics.
Excellent, time management, problem-solving, and analytical skills.
Ability to handle pressure and focus on results.

What you can expect from us!

Award-winning culture that fosters growth, diversity and inclusion for all
Paid day off for your birthday
Access to LinkedIn learning courses
Annual performance-based bonus
Continued education with our education reimbursement program
Flexible schedules
Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
Two paid days for volunteer opportunities
A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
Access to Perkopolis retail discounts
Generous benefit coverage with low premiums (+ a Health Care Spending Account)
RRSP Matching

What skills do you need?

Experience in public cloud is required (AWS, Azure, GCP)
At least 3-5 years of experience in Cyber Security roles with a preference in the engineering field.
Experience work with software development or devops teams is preferred.
Experience in systems or network administration is preferred.
Experience with Open Source Policy
Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)

KUBRA is an equal opportunity employer dedicated to building an inclusive and diverse workforce. We will provide accommodations during the recruitment process upon request by emailing recruitment-team@kubra.com [recruitment-team@kubra.com]. Information received relating to accommodation will be addressed confidentially. We thank all applicants for their interest; however, only candidates under consideration will be contacted.

While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!

KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst.

Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program.

KUBRA does not typically provide immigration-related assistance, including employment-based work visa (e.g. H-1B) sponsorship, work permit applications and extensions, permanent residence (green card) sponsorship, LMIA applications or permanent residency nominations. Candidates must ensure they have legal authorization to work in the U.S/ Canada. All sponsorship determinations are case by case based on business need.