Thank you for applying to VTRAC opportunities. Please email your resume as a MS-WORD document in confidence Subject: Principal Product Security Architect Attention: [email protected]or call 416-366-2600 x 234
This is an excellent opportunity for an experienced DevSecOps Engineer, who is an expert with containers and Kubernetes, to step into a Principal level role and transition between Engineering and Architecture.
You will be responsible for securing a high profile online SaaS platform for one of the world’s best FinTech companies. You will lead Product & API Platform Security, working side by side with the Chief Security Architect for the platform. In this role your time will be split, roughly, as follows: 20% security reviews (architecture, threat modelling), 20% risk assessment, 30% doing POCs involving Kubernetes, 15% creating awareness and training materials, 15% working on the security roadmap.
Responsibilities & Deliverables:
Improve SDLC and automated security testing in regards to CI/CD.
Working with containers and Kubernetes in POC or production environments.
Involved in threat modeling, design reviews, code reviews as part of the secure development lifecycle.
Collaborate with Enterprise Architects to lead platform design, as well as with Chief Risk Officer and CISO teams to educate about security risks.
Evaluate application security maturity and build enhancement plans by utilizing OWASP SAMM and BSIMM.
Desired Skills & Years of Experience:
Security focused: 5+
Hands on experience with containers and Kubernetes in production and POC environments:
Evaluating containerization architecture with Kubernetes technology:
Application security, Cloud security, SaaS platform security, API platform security:
Expertise in Microsoft Azure services (or equivalent ones in AWS, GCP, etc.) including: AKS, DevOps, Front Door, Application Gateway
Define security requirements for build and delivery pipelines:
Excellent communication verbal and written skills, as well as confidence in client facing scenarios:
Involvement in the cyber security community and thought leadership:
FinTech & Financial Domain experience would be nice to have, but not required:
We thank all candidates in advance. Only selected candidates for interviews will be contacted. For other exciting opportunities, please visit us at www.vtrac.com. VTRAC is an equal opportunity employer.