DevSecOps Engineer (Senior)
Kitchener or Toronto /
Research & Development – DevOps /
We’re building a movement - an education revolution.
We’re building a world where anyone, anywhere can have access to the best education regardless of where they were born. At our core, we believe education is a right, not a privilege. To that end, we’re building a company and a suite of products to lead the charge in transforming access to education.
ApplyBoard is an online platform that empowers students around the world to access the best education by connecting international students, recruitment partners, and academic institutions. We simplify the study abroad search, application, and acceptance process. Not only do we help students with their study abroad journey, but we also help academic institutions to find the best students globally. Our goal is to help enable better, more diverse, schools that are enriched with cultures from all over the world.
As a Senior DevSecOps Engineer, you will be a hands-on technical leader within the Cloud Services team. You will be working under the direction of the DevSecOps team lead to provide a secure infrastructure for development and production environments. You will implement industry best practices focused on cloud and application security, using an array of tools, cloud services, and third-party integrations to improve the overall security posture at ApplyBoard. Within this role, you will interact with other DevOps teams, software engineering leads, security analysts, development managers, data governance managers, auditors (internal and external), and business managers to develop and evaluate both new and existing technologies. The Senior DevSecOps Engineer will help deliver on new initiatives as well as helping the team troubleshoot and maintain existing systems as the need arises
What you’ll be doing every day:
- Lead the security strategy governing the cloud-based platform infrastructure
- Define and own guidance, alerts, and security as code deployments to provide protection from malicious traffic, vulnerabilities, and other attack vectors
- Oversee building and maintaining a modern cloud infrastructure architecture that aligns to business requirements and industry security, compliance, performance, and resilience best practices
- Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
- Architect procedures to automate security tasks that seamlessly integrate into code builds and deployments
- Build security utilities and tools for internal use that enable the DevSecOps team to operate at high efficiency
- Develop security and compliance capabilities in support of DevOps processes
- Research security industry trends and best practices to share with the organization through presentations and training sessions
- Research, prototype, and implement new services and/or tools to support the delivery of capabilities in our engineering roadmap
- Lead investigation and implementation of tools for continual improvement in our monitoring, alerting, and response systems.
- Own the management and remediation of potential security risks within our development and production environments
- Perform deep-dive architectural and application design reviews, documenting existing environments with high levels of detail through architectural diagrams and technical summaries
- As needed, assist with escalations in support of operational issues
- Analyze service stack and make recommendations for further improvements
- Provide documentation and training to improve security best practice awareness across the company
- Identify processes and capabilities that can be streamlined and automated
What you bring to the table:
- 5+ years of practical hands-on DevSecOps experience designing, securing, and operating, web-based commercial SaaS products that users love (in any modern tech stack)
- Expert level understanding of security best practices for client-server product architectures for cloud-based deployments
- In-depth knowledge of AWS services, best practices, and hands-on experience
- Cloud and security certifications (Ex. AWS (SA Professional, Security Specialist preferred) GCP, Azure, CISSP, CCSP, CCSK
- Experience in performing security vulnerability assessments
- Experience with IAM
- Knowledge of SSO methodologies (SAML, LDAPS, AD).
- Experience in DevOps environments and maintaining security in CI/CD processes
- Experience with Kubernetes and containerized applications and understanding how to secure these
- Experience developing infrastructure as code (Ex. - Terraform, CloudFormation, AWS CDK)
- Experience designing processes around DevSecOps tools
- Experience with cloud-based security management/IDS/IPS/SIEM tools (WAF, Inspector, GuardDuty, New Relic, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, Sumologic, Imperva, etc)
- Knowledge of network-based, system-level, and application layer attacks and mitigation methods
- Experience extracting security data from SIEM solutions, audit logs
- Strong hands-on experience with DevOps practices and CI/CD pipelines
- Intimately familiar with SaaS software development, Preferably has a software development background.
- Great communication skills. (Yes, everyone writes that - but we really mean it.)
- Demonstrated ownership and pride in the quality of the software and infrastructure you work on, and the way that it succeeds in meeting the needs of its users
- Ability to explain and defend an informed opinion while maintaining an open mind
Ideally, you also have experience with some of:
- ELK stack
- Relational databases, MongoDB, RedShift, DynamoDB
- SalesForce, NetSuite, SendGrid
- Dynatrace, Prometheus, Grafana
- AI/ML services and MLOps pipelines (SageMaker, Kubeflow, Airflow)
- Microservices, RESTful APIs, JSON, Kafka
- Node, React, Ruby, Python
- Developing and maintaining products that are used by many thousands or millions of people
- EdTech, eCommerce, or content-management software
- Service Ticketing Systems
What We Offer:
- The opportunity to have an impact on a product that is positively affecting change to thousands of students lives every day
- Working alongside a brilliant and globally diverse team based in Waterloo and Toronto
- Great compensation and benefits package to keep you healthy and happy!
At ApplyBoard, we understand the value of having a diverse team. That’s why we believe in providing equal opportunity regardless of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, disability, and conviction. If you require accommodation to submit an application and/or during the interview process, please notify the Talent Acquisition Team at email@example.com. Requests will be addressed confidentially.
Life at ApplyBoard:
By joining our team, you have the opportunity to join the fastest-growing technology company in Canada, with many opportunities for growth and advancement. Work alongside a globally diverse team of over 800 team members based in 18 countries, who represent over 30 nationalities and speak more than 40 languages.
Make a difference in the lives of thousands of students as they explore educational opportunities. Want to learn more about Life at ApplyBoard, be sure to follow us on our Life at ApplyBoard Instagram.
ApplyBoard simplifies the study abroad search, application, and acceptance process by connecting international students, recruitment partners, and academic institutions on one platform. To date, ApplyBoard has become the world’s largest online platform for international student recruitment, assisting more than 100,000 students with their educational journey.
In 2019, ApplyBoard was named the fastest-growing technology company in Canada by Deloitte, ranking #1 on the Technology Fast 50™ list. In 2020, ApplyBoard announced a C$170M Series C funding on a C$2B valuation, reaching a ‘Unicorn’ status. This funding will allow us to further invest in our technology, grow our team, and serve more students on our mission to educate the world.
Thank you for your interest in ApplyBoard. Please note that only qualified applicants that have been selected for an interview will be contacted.