Senior Security Engineer

What’s in it for you as an employee of QFG? Health & wellbeing resources and programs  Paid vacation, personal, and sick days for work-life balance Competitive compensation and benefits packages Hybrid and flexible work arrangements Career growth and development opportunities Opportunities to contribute to community causes Work with diverse team members in an inclusive and collaborative environment   We’re looking for our next Senior Security Engineer. Could It Be You?   We are seeking a highly skilled and experienced individual to join our DevSecOps team. The ideal candidate will be a security professional with a strong understanding of DevSecOps principles and a proven track record of implementing and managing secure cloud environments. You will play a key role in enhancing our security posture, contributing to automation efforts, and ensuring the secure development and deployment of our software solutions. This role requires a strong hands-on technical aptitude and a collaborative spirit.   What’s it like working as a Senior Security Engineer at Questrade?   In this role, you will use your expertise to:  Contribute to DevSecOps capabilities and enhancements:-Support the implementation, automation, and configuration of DevSecOps tools and processes.-Design and write code to harden security within our cloud infrastructure environment. Implement and maintain Cloud and Container Security automation:-Collaborate with Cloud Infrastructure Engineers to implement and co-develop Security-as-Code solutions.-Participate in and enhance the Secure Software Development Lifecycle (SSDLC) process in collaboration with Cloud Software Engineers.-Define and automate security controls through policy-based solutions. Drive security best practices:-Identify and mitigate potential security threats and vulnerabilities, proposing solutions to eliminate them.-Stay abreast of emerging security trends, technologies, and best practices. Collaborate and contribute:-Effectively collaborate with cross-functional teams (development, infrastructure, DevOps, architecture, cybersecurity) and stakeholders.-Actively participate in security reviews and contribute to the improvement of security processes. So are YOU our next Senior Security Engineer? You are if you have…  Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, Engineering or a related technical field. 5 years of experience in security engineering, with a focus on DevSecOps Proven experience implementing and managing DevSecOps practices in a cloud environment (preferably GCP, AWS or Azure experience also valuable). Experience with security tools such as SAST, DAST, SCA, and Secrets scanners. Proficiency in scripting languages like Python or Bash for automating security tasks and integrating security tools into CI/CD pipelines. Strong understanding of cloud infrastructure concepts, including networking, storage, compute, and security services. Hands-on experience with container security, including container image scanning, and securing Kubernetes deployments. Excellent communication and collaboration skills, with the ability to effectively work with cross-functional teams and stakeholders. Passion for staying up-to-date with the latest security trends, technologies, and best practices.   Additional kudos if you have… Experience with security orchestration and automation platforms (e.g., Ansible, Terraform, CloudFormation). Experience with security frameworks like NIST Cybersecurity Framework, NIST SSDF,  ISO 27001, or SOC 2. Relevant security certifications (e.g., AWS Certified Security - Specialty, GCP Professional Cloud Security Engineer, other cloud provider equivalents, or certifications demonstrating expertise in container and Kubernetes security and DevSecOps). Experience with incident response and security investigations.   Sounds like you? Click below to apply! #LI-MM1 #LI-Remote