Senior DevSecOps

During the Covid-19 pandemic Prodigy is operating, hiring, and onboarding remotely.
Prodigy Education is a global leader in game-based learning and is one of the fastest-growing EdTech companies in North America. Our mission is to help every student in the world love learning, motivating millions worldwide via fun, secure and accessible curriculum-aligned gameplay experiences. Visit www.prodigygame.com to learn more.
The Engineering team builds and operates a high performance, scalable, reliable, and secure technology platform that will allow us to transform education and deliver effective learning experiences to every student in the world. We do this by building for tomorrow, failing fast and early, and empowering each other to make things better. Interested in learning more about what we're working on? Visit the Prodigy Engineering blog at https://medium.com/prodigy-engineering
As a DevSecOps II, we would be looking to you to understand the overall application and infrastructure security & compliance requirements as they relate to the education industry and act as a key player in the cyber security team.

Your Impact

• You will execute against Prodigy's strategy for a secure infrastructure and application landscape
• You will work very closely with the Infrastructure and Engineering teams to consult on security-critical infrastructure and system features 
• You will champion continuous improvement within Prodigy Education's security controls, identifying automation opportunities and tools that could improve the ability to detect and react to events

Who You Are

• 3+ years of experience in AWS including use of their security tooling
• Demonstrable experience with Kubernetes and Amazon EKS - RBAC, Network policies, Pod security policies, Container security
• You have knowledge of Containers (Docker) and deployment of containerized applications/microservices architectures 
• You have automated tasks in Cloud Infrastructure with serverless technologies and know how event-driven patterns are constructed
• You have experience building RESTful APIs and scripting with NodeJS or Python
• You have hands-on experience with CI/CD tools such as GitHub Actions, Jenkins & Circle CI
• You have experience with multiple Application Security Tools (SAST, DAST, SCA) and the integration into the SDLC via CI Automation and Integration
• You hold a Degree in Engineering
• You have experience with modern source code management and software repository systems e.g. Visual Studio, Git/GitHub, etc. 
• You have a thorough understanding of base Cloud Infrastructure constructs - Virtual Private Cloud, Subnets, Security Groups and 3-tier application architecture
• You have expert knowledge in one or more SAST and/or DAST Solutions.
• You have familiarity with threat modelling and security design review methodologies.
• You have a deep understanding of the fundamentals of security at multiple layers of abstraction, from operating systems to applications
• You have a strong bias towards automation and innovative thinking.

Our Core Technologies

• Backend: Node.js, GraphQL, Postgres, DynamoDB, Redis, AWS, Lambda
• Game: HTML5, Canvas, WebGL, Phaser, Pixi, Typescript
• Frontend: React, React Native, ES6, Typescript

Bonus Points For

• Experience with Kubernetes
• CISSP, CCSP certifications 
• Any AWS certifications

What We Offer

• A culture of transparency, where team members are involved in important conversations
• Full health benefits from day one (1)  for you and your family, fully covered! 
• We are a profitable company, with eligibility to participate in stock options for all full-time permanent employees
• Learning and development budget for all full-time employees to use towards career growth and development opportunities 
• We recognize 9-5 is not for everyone! We offer flexible working hours that will allow you to schedule your workday with a bit more freedom! 

While we operate 100% remotely, for the time being, we understand the importance of togetherness. We offer frequent and fun team and company events, to stay connected and in the know.

Come as you are. We believe the power of our collective potential will transform education. We are building towards a diverse, inclusive, and equitable workplace to empower and create access and opportunity for all. We welcome applications from people from all underrepresented groups, including (but not limited to) people of any gender, age, or religion, members of the LGBTQIA2+ community, BIPOC and other underrepresented races and nationalities, people with disabilities, veterans, and anyone who may contribute to the further diversification of Prodigy Education. If you feel like you don’t have all the qualifications for this position and are willing to use your initiative to learn the rest, we’d still love for you to apply!
We are an equal opportunity employer and are committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act, 2005 (AODA). Prodigy Education will provide accommodations to job applicants with disabilities throughout the recruitment process. If you require accommodation, please notify us, and we will work with you to meet your needs.