mycareers logo


Showing: 81 Project Coordinator IV (Technical Product Operations Specialist) jobs
Security Specialist IV
Spectraforce
Toronto, Ontario

a day ago

Job Description

Job Title:  Security Specialist IV
Duration: 3 months (Possibility of extension/conversion based on business needs)
Location: Toronto, ON (Hybrid – 2 days onsite, could potentially move to 4 days onsite)
 
Scope of Project: Testing frameworks for CAS policies, automating regression testing (uplifting)
Team Size/Culture: 10 people

Job Description:
We are looking for a detailed-oriented Cloud Security and AI Test Engineers to join our team. This individual will focus on automating and validating Compliance-as-Code (CaC) policies across multi cloud environments including GCP, Azure and AWS. In this role you will blend your expertise in cloud security with advanced AI tools to enhance compliance, security and test automation, ensuring continuous validation within multi cloud environments.

Key responsibilities:
  • Automated testing for cloud policies
  • Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations
  • Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively
  • Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps
  • Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic
  • Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts
  • Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions
Continuous Testing & CI/CD Integration
  • Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates
  • Automate security scanning and validation of terraform deployments with Python
  • Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.
Cloud Security and Regulatory Compliance enforcement
  • Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.
  • Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2)
Reporting & Audit Readiness
  • Implement/test logging and monitoring solutions to detect compliance violations in real time.
  • Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni
  • Ensure that all client Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.
Required Degree/Level of Education: Degree or Diploma, but master’s or PhD is preferred
Certifications Required: Cloud or DevSec Ops engineering certification are an asset
Years of Overall Experience: 8+ years of experience
 
Must-Have Skills:
1.)8+ years in Cloud Security, DevSecOps, AI or Cloud Engineering roles
2.) 3+ years of Technical Lead experienc
3.) Strong Knowledge of GCP, Azure, AWS.
4.) Jira and Confluence
5.) Proficient within Python
6.) CI/CD pipelines
7.) Proficient within Terraform

Soft Skills
1.) Strong communication skills (written and verbal
2.) Strong interpersonal skills are required
3.) Self-motivated, well organized, able to work both independently and in a team environment
4.) Attention to detail and someone who is a self-starter and adaptable

NICE-TO-HAVE
1.) Cloud or DevSec Ops engineering certification
2.) Experience with Container security and Kubernetes policy enforcemen
3.) Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes
4.) Cloud infrastructure as a code - Experience with Helm, ARM, JSON, YAML, REGO
5.) Banking or financial institution experience 
Applicant Notices & Disclaimers
  • For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws.The pay rate for this position is $0.00/hr.

Don't miss your next Big Opportunity!

Get notified when we find an opportunity for you