Principal Product Security Engineer (Kubernetes)

VTRAC Consulting Corporation

“Intelligent Resources”

Thank you for applying to VTRAC opportunities. Please email your resume as a MS-WORD document in confidence Subject: Principal Product Security Architect Attention: [email protected] or call 416-366-2600 x 234

Title:Principal Product Security Engineer (Kubernetes)

Type:Permanent Full Time

No. of Positions:1

Location: 100% Remote work, within the USA.

The Position:

This is an excellent opportunity for an experienced DevSecOps Engineer, who is an expert with containers and Kubernetes, to step into a Principal level role and transition between Engineering and Architecture.

You will be responsible for securing a high profile online SaaS platform for one of the world’s best FinTech companies. You will lead Product & API Platform Security, working side by side with the Chief Security Architect for the platform. In this role your time will be split, roughly, as follows: 20% security reviews (architecture, threat modelling), 20% risk assessment, 30% doing POCs involving Kubernetes, 15% creating awareness and training materials, 15% working on the security roadmap.

Responsibilities & Deliverables:

• Improve SDLC and automated security testing in regards to CI/CD.
• Working with containers and Kubernetes in POC or production environments.
• Involved in threat modeling, design reviews, code reviews as part of the secure development lifecycle.
• Collaborate with Enterprise Architects to lead platform design, as well as with Chief Risk Officer and CISO teams to educate about security risks.
• Evaluate application security maturity and build enhancement plans by utilizing OWASP SAMM and BSIMM.

Desired Skills & Years of Experience:

• IT: 9+
• Security focused: 5+
• Hands on experience with containers and Kubernetes in production and POC environments:
• Evaluating containerization architecture with Kubernetes technology:
• Application security, Cloud security, SaaS platform security, API platform security:
• Expertise in Microsoft Azure services (or equivalent ones in AWS, GCP, etc.) including: AKS, DevOps, Front Door, Application Gateway
• Define security requirements for build and delivery pipelines:
• Excellent communication verbal and written skills, as well as confidence in client facing scenarios:
• Involvement in the cyber security community and thought leadership:
• FinTech & Financial Domain experience would be nice to have, but not required:

We thank all candidates in advance. Only selected candidates for interviews will be contacted. For other exciting opportunities, please visit us at www.vtrac.com. VTRAC is an equal opportunity employer.

Toronto       .       New York       .     Houston       .       Palo Alto