Cloud Security Engineer

Mississauga, ON
Product Development – DevSecOps /
Full-time /
Hybrid
KUBRA is in growth mode and currently seeking a Cloud Security Engineer to join our DevSecOps Team!
 
The Cloud Security Engineer will be responsible for enhancing and validating the confidentiality, integrity, and security of KUBRA's cloud systems and platforms as well as securing development processes and workflows within KUBRA. 
 
This is a hybrid role working out of our Mississauga office. 

What you get to do every day

    • Perform security assessments of KUBRA systems, applications, and infrastructure providing written reports and recommendations for management review.
    • Perform and review vulnerability assessments (including DAST and SAST).
    • Build and maintain security tools with an emphasis on automation.
    • Liaise with internal and external stakeholders to ensure security and compliance of all KUBRA owned computing systems and applications.
    • Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
    • Build threat models and security reporting tools.
    • Work with KUBRA Risk team to support risk assessments by providing mitigations to identified risks
    • Work with KUBRA Risk team to build appropriate threat models for KUBRA Cloud Platform
    • Work with KUBRA Security team, DevOps and Platform Engineering teams to maintain vulnerability and patch management processes inline with KUBRA security policy
    • Implement security related services and processes using IaC
    • Liaise with internal and external stakeholders to ensure security and compliance of all KUBRA owned Cloud systems and applications.
    • Provide architectural security guidance to product engineering teams building software applications in compliance with industry standards (PCI-DSS, NIST, CIS) in public cloud environments.
    • Support security assessments of KUBRA systems, applications, and infrastructure providing written reports and recommendations for management review.

What kind of person should you be?

    • Maintain awareness of trends and changes in the Cybersecurity industry and threat landscape.
    • Excellent written and verbal communications skills and an ability to maintain a high degree of professionalism in all client communications.
    • Ability to influence others, build relationships, manage conflicts, and handle
    • Understanding and following the business strategy, objectives, and adjusting to performance metrics.
    • Excellent organization, time management, problem-solving, and analytical skills.
    • Ability to handle pressure and focus on results

What skills do you need?

    • Experience in public cloud is required: AWS (Required), Azure/GCP (Optional)
    • 2+ years of experience in Cyber Security roles with a preference in engineering.
    • Proven Software development experience
    • Experience work with software development or devops teams is preferred.
    • Experience in systems or network administration is preferred.
    • Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)
    • Proficiency in a wide range of public cloud technologies (ex. AWS EC2, EKS, EBS, RDS, S3, etc).
    • Proficiency in Infrastructure as Code (IaC) technologies such as Cloudformation or Terraform.
    • Scripting and automation skills highly preferred (APIs, Python, Bash, Powershell, Go)

What you can expect from us

    • Award-winning culture that fosters growth, diversity and inclusion for all
    • Paid day off for your birthday
    • Access to LinkedIn learning courses
    • Bi-annual performance-based bonus
    • Continued education with our education reimbursement program
    • Flexible schedules
    • Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
    • Two paid days for volunteer opportunities
    • A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
    • Access to Perkopolis retail discounts
    • Generous benefit coverage with low premiums (+ a Health Care Spending Account)
    • RRSP Matching
KUBRA is an equal opportunity employer dedicated to building an inclusive and diverse workforce. We will provide accommodations during the recruitment process upon request by emailing the recruitment-team@kubra.com. Information received relating to accommodation will be addressed confidentially. We thank all applicants for their interest; however, only candidates under consideration will be contacted.

#GTA2024

While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!

KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst.
 
Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program. 

KUBRA does not typically provide immigration-related assistance, including employment-based work visa (e.g. H-1B) sponsorship, work permit applications and extensions, permanent residence (green card) sponsorship, LMIA applications or permanent residency nominations. Candidates must ensure they have legal authorization to work in the U.S/ Canada. All sponsorship determinations are case by case based on business need.