Title: SecOps Engineer/ Cloud Security Engineer Duration: 6+ months Contract (possible extension) Location: Canada (100% remote) Experience Level: 5-7 years

This is a hands-on DevSecOps Security role focused on securing CI/CD pipelines and ensuring DevOps processes meet enterprise security standards. Key responsibilities: Assess CI/CD pipelines (Jenkins, GitHub Actions, GitLab, Azure DevOps) for security gaps. Validate and evaluate security tools such as Snyk, Checkmarx, Veracode, SonarQube, Wiz, or Prisma Cloud. Implement and verify security controls like SAST, SCA, secret scanning, container scanning, and IaC scanning. Document findings, track remediation efforts, and support governance/reporting activities. Work closely with Application Security, Platform Engineering, and DevOps teams. Ideal candidate: Strong DevOps + Security background (not just one or the other). Experience with CI/CD security assessments and DevSecOps practices. Knowledge of cloud platforms (AWS/Azure/GCP), Kubernetes, Docker, and Terraform. Experience integrating security tools into development pipelines.

Must-have: Hands-on experience securing CI/CD pipelines (Jenkins/GitHub Actions/GitLab/Azure DevOps) using DevSecOps security controls (SAST, SCA, container & secret scanning) and security tools like Snyk, Checkmarx, Veracode, or SonarQube, preferably in a cloud environment (AWS/Azure/GCP).