Flex Security Engineer

Vancouver, British Columbia, Canada

Applications have closed

SADA

SADA is a premier cloud solutions provider specializing in technology consulting, IT services, application development, and managed services.

View company page

Join SADA as a Flex Security Engineer!

 

Your Mission 

As a Flex Security Engineer on the SRE team at SADA, you will reduce customer anxiety of running production workloads in the cloud by implementing and iteratively improving observability, reliability, and security. You will have the opportunity to engage with our customers in a meaningful way by defining, measuring, and improving key business metrics; eliminating toil through automation; inspecting code, design, implementation, and operational procedures; enabling experimentation by helping create a culture of ownership; increase deployment velocity without compromising safety; and winning customer trust through education, skill sharing, and implementing recommendations. Your efforts will accelerate our customers’ cloud adoption journey and we will be with them through the transformation of their applications, infrastructure, and internal processes. You will be part of a new social contract between customers and service providers that demands shared responsibility and accountability: our partnership with our customers will ensure we are working towards a common goal and share a common fate.

This is primarily a customer-facing role. You will also work closely with SADA’s Customer Experience team to execute on their recommendations to our customers, and with Professional Services on large projects that require PMO support. The success of the SRE team will be evaluated by our ability to measure the value of modernization.

 

Pathway to Success 

#MakeThemRave is at the foundation of all our engineering. Our motivation is to provide customers with an exceptional experience in migrating, developing, modernizing, and operationalizing their systems in Google Cloud Platform.

Your success starts by positively impacting the direction of a fast-growing practice with vision and passion. You will be measured bi-yearly by the breadth, magnitude, and quality of your contributions, your ability to estimate accurately, customer feedback at the close of projects, how well you collaborate with your peers, and the consultative polish you bring to customer interactions.

As you continue to execute successfully, we will build a customized development plan together that leads you through the engineering or management growth tracks.

 

Expectations

Required Travel - 10% travel to customer sites, conferences, and other related events. 

Customer Facing - You will interact with customers on a regular basis, sometimes daily, other times weekly/bi-weekly. Common touchpoints occur when qualifying potential opportunities, at project kickoff, throughout the engagement as progress is communicated, and at project close. 

Onboarding/Training - The first several weeks of onboarding are dedicated to learning and will encompass learning materials/assignments and compliance training, as well as meetings with relevant individuals. Details of the timeline are shared closer to the start date. 

 

Job Requirements

Required Credentials:

Required Qualifications:

  • 7+ years of expertise in security architecture, cloud security, and application security
  • DevSecOps and automation mindset
  • Expert level in IT infrastructure security (Linux, Windows, networks, cloud, etc)
  • Highly collaborative in a fast-paced team environment with strong written and verbal communication skills
  • Experience with designing, implementing, and managing application security threat modeling
  • Expertise with vulnerability scanning, container scanning, and SAST/DAST
  • Expertise in identity & access management and certificate & key management solutions
  • 3+ years in software development using languages like Python, Go, bash, Java, etc
  • Proficient in establishment of security standards, policies, and best practice principles and documentation
  • Ability to participate in software code refactoring to address application security
  • Exposure to full stack development in a cloud environment using CI/CD principals
  • Working knowledge in version control such as GitHub, GitLab, Bitbucket, etc
  • Experience implementing security in microservices & serverless architecture, and in messaging between services
  • Expert in implementing principle of least privilege and separation of duties with ability to architect for defense in depth
  • Ability to support security governance and compliance using secure template management, IAM permissions, and configuration drift detection/remediation
  • Experience using various tools to automate security in the release pipeline
  • Experience implementing application authentication and authorization using SAML, OAuth, OIDC, LDAP, Kerberos
  • Experience with tooling used for Security Information and Event Management (SIEM), Endpoint Detection and Response, Managed Detection and Response, or Extended Detection and Response
  • Expertise with dependency and library management and supply chain integrity 
  • Example technologies: Grafeas, SLSA, Black Duck, OpenSCAP, Trend Micro Cloud One, Orca Security, Splunk, Splunk Phantom, Sysdig, Aqua, kube-bench, kube-hunter, trivy, Clair, Check Point, Chef InSpec, GitLab SAST/DAST, Palo Alto Prisma Cloud, Palo Alto Cortex XSOAR, TFLint, ScoutSuite, CoreStack, CloudKnox, Hashicorp Vault, CyberArk, Thyotic, Nessus, Crowdstrike, Okta, Auth0, Active Directory

Useful Qualifications:

Candidates with these qualifications will have stronger standing, but they are not absolutely necessary.

  • Understanding of Chaos Engineering
  • Understanding of PCI, SOC2, GDPR, FEDRAMP, and HIPAA compliance standards
  • Expertise in Microsoft Windows administration and security, Active Directory, and Group Policy
  • Understanding of cryptocurrency and blockchain technology

 

 

About SADA

 

Values:  We built our core values on themes that internally compel us to deliver our best to our partners, our customers and to each other. Ensuring a diverse and inclusive workplace where we learn from each other is core to SADA’s values. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer.

 

  1. Make Them Rave
  2. Be Data Driven
  3. Think One Step Ahead
  4. Drive Purposeful Impact
  5. Do The Right Thing

 

Work with the best: SADA has been the largest partner in North America for Google Cloud portfolio of products since 2016 and has been named the 2021, 2020, 2019, and 2018 Google Cloud Global Reseller Partner of the Year. SADA has also been awarded Best Place to Work year after year by the Business Intelligence Group, Inc. Magazine, as well as LA Business Journal!

Benefits: Unlimited PTO, Paid Parental Leave, competitive and attractive compensation,  performance-based bonuses, paid holidays, rich medical, dental, vision plans, life, short and long-term disability insurance, 401K/RRSP with match, as well as Google Certified training programs.

Business Performance: SADA has been named to the INC 5000 Fastest-Growing Private Companies list for 15 years in a row garnering Honoree status. CRN has also named SADA on the Top 500 Global Solutions Providers for the past 5 years. The overall culture continues to evolve with engineering at its core: 3200+ projects completed, 4000+ customers served, 10K+ workloads and 30M+ users migrated to the cloud.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Active Directory Application security Automation Bash Bitbucket Black Duck Blockchain CCSP CI/CD CISSP Cloud Compliance CrowdStrike Cyberark DAST DevSecOps FedRAMP Full stack GCP GDPR GIAC GitHub Governance HIPAA IAM IT infrastructure Java Kerberos LDAP Linux Microservices Nessus Okta Python SAML SAST SIEM SOC 2 Splunk Windows

Perks/benefits: 401(k) matching Career development Competitive pay Conferences Health care Insurance Medical leave Parental leave Salary bonus Startup environment Team events Unlimited paid time off

Region: North America
Country: Canada
Job stats:  9  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.