Cloud Security Solutions Engineer
City : Toronto, Ontario, Canada
Category : Full time
Industry : Public Services/Utilities
Employer : Healthcare of Ontario Pension Plan (HOOPP)
Why you’ll love working here:
high-performance, people-focused culture
our commitment that equity, diversity, and inclusion are fundamental to our work environment and business success, which helps employees feel valued and empowered to be their authentic selves
learning and development initiatives, including workshops, Speaker Series events and access to LinkedIn Learning, that support employees’ career growth
membership in HOOPP’s world class defined benefit pension plan, which can serve as an important part of your retirement security
competitive, 100% company-paid extended health and dental benefits for permanent employees, including coverage supporting our team's diversity and mental health (e.g., gender affirmation, fertility and drug treatment, psychological support benefits of $2,500 per year, and newly extended maternity/parental leave top of 26 weeks)
optional post-retirement health and dental benefits subsidized at 50%
yoga classes, meditation workshops, nutritional consultations, and wellness seminars
access to an annual wellness reimbursement program for health and wellness-related expenses for permanent and temporary employees
the opportunity to make a difference and help take care of those who care for us, by providing a financially secure retirement for Ontario healthcare workers
The Cloud Security Solutions Engineer (Senior DevSecOps Engineer) position secures the environment and supports HOOPP’s business objectives. The individual in this position will lead various technical initiatives and architecture conversations with other IT teams. Hence, the successful candidate must possess a solid understanding of information security, cloud infrastructure, identity and the concepts which underpin Zero Trust . The role also requires the ability to understanding business goals/strategy and operational requirements in a fast-paced environment.
The Cloud Security Engineer is responsible for three primary functions within the Information Security Core Team. The first is to continuously govern and improve the core cross cutting security services including cloud infrastructure. The second is to improve to HOOPP’s overall Cloud security posture, by providing oversight and working closely with the distributed IT team’s DevSecOps engineers. Third, to help InfoSec implement new processes and automation to reduce recuring tasks and approvals.
A successful candidate will have excellent interpersonal skills, strong technical, cloud security and governance experience; he or she is expected to interface with peers and other leaders across IT&FS to solicit their involvement in achieving higher levels of security through information sharing and co-operation.
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Director, Information Security Operations
- Participate in the creation of enterprise security documents (ie. policies, standards, baselines, guidelines, and procedures.)
- Recommend strategic improvements with regards implementing Zero Trust approaches considering that Identity & Access Management is part of the new edge.
Acquisition & Deployment
- Maintain up-to-date detailed knowledge of the Information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration, and initial configuration of new security solutions and enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices (i.e., security tools, workstations, servers, network devices, etc.).
- Maintain operational configurations of security solutions as per the established baselines.
- Monitor security solutions for efficient and appropriate operations.
- Review logs and reports of devices (i.e., security tools, workstations, servers, network devices, etc.).
- Participate in investigations into problematic activity.
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provide on-call support for security event reporting when needed.
Formal Education & Certification
- 7 – 10 years of experience in IT Infrastructure with a minimum of 5 years working with Azure or AWS
- 5+ years of experience in information security
- 3+ years of exposure to Kubernetes
- Bachelor’s Degree in computer science or related field
- One or more of the following certifications:
- ISC2 Certified Information Security Professional (CISSP)
- ISC2 Certified Cloud Security Professional (CCSP)
- ISACA Certified Information Security Auditor (CISA)
- ISC2 Systems Security Certified Practitioner (SSCP)
- Strong understanding of cloud security principals relating to IaaS/PaaS/SaaS, and a background in working within enterprise cloud environments such as Azure, AWS etc.
- Strong background in the identification and remediation of security vulnerabilities.
- Deep understanding of technological concepts such as IT architecture, cloud technologies, applications, network infrastructure.
- Strong understanding of security best practices with regards to operating systems, network appliances, and databases.
- Experience with Agile including Scrum is strongly preferred.
Knowledge & Experience
- Extensive experience managing, deploying, and securing cloud infrastructure (such as AWS & Azure) and containerized services and applications
- Extensive experience leveraging security tooling native to cloud environments such as AWS & Azure
- Exposure with Cloud compliance solutions.
- Exposure with deployment pipelines and securing them.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Strong understanding of operating systems, databases, Active Directory.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Communicate effectively abstract technical concepts with customers, teammates, and management.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Ability to learn different skills outside of their domain of expertise
- Ability to work independently and take initiative
- Ability to balance value in delivery against standard practices and processes
- Ability to think “big picture” for architecture and develop long-term solution
- Willingness to learn and work in a multidisciplinary team