Scaling Up:
Go with growth

Researching jobs that offer the most potential is time consuming. We’ve identified roles from Ottawa’s top 25 growing tech firms with proven market traction or are on course to becoming large-scale global enterprises.

Looking for more? Search Starting Up job opportunities.

DevSecOps Engineer

Multiview Financial Software

Multiview Financial Software

Software Engineering
Ottawa, ON, Canada
Posted on Monday, May 27, 2024

DevSecOps Engineer (Remote within Canada)

Reporting to the Director of DevOps, the DevSecOps Engineer is a highly skilled and hands-on role with a strong focus on all cloud security technologies to ensure the safety and reliability of our ever-growing SaaS platform. This position demands an expert-level understanding of cloud security architectures, practices, and tools in AWS, with the ability to apply relevant skills across all of Multiview's DevOps service providers.

You will be a vital member of the team by managing and maintaining our cloud-based infrastructure. You will leverage your DevOps and security experience to ensure that we continue to develop and implement solutions that balance security and ongoing operations. You will promote awareness of current risks and advise of security best practices more broadly within Multiview, collaborating with other technical and non-technical teams to execute on-large scale projects, operationalize technologies, and grow the adoption of standards and processes.

WHAT ARE WE LOOKING FOR

At Multiview, we balance being client obsessed with working smart. Being tech-savvy with great communication and problem-solving skills is important, but equally showing your commitment to mutual success and contributing to our culture where the genuine care of people is our compass.

The successful candidate will be highly motivated team player, with experience in both the DevOps and IT security field, who is detail-oriented, self-starter and someone who can meet the demands of a fast-paced growing technology company while maintaining a positive attitude.

If this sounds like you, read on!

What you will do…

  • Lead initiatives for continuous improvement in security policies, processes, tools, and methodologies.
  • Work as a member of the security compliance team on maintaining and improving our security posture.
  • Oversee the full cycle of security monitoring & alerting systems to detect & respond to unauthorised access/potential threats.
  • Implement continuous improvement to preventive & detective capabilities or data sources to improve cyber defence technology stack.
  • Implement, configure and manage vulnerability monitoring and patch management as well as organise penetration testing and ensure any finding are assigned to relevant team for remediation.
  • Perform regular security assessments/audits to support and recommend solutions for improvements to harden security baseline configuration.
  • Monitor alerts and respond to security incidents, leading investigations through containment, recovery, forensic analysis and report writing.
  • Maintain knowledge of current security trends, monitor public security advisories and alerts for information related to threats and vulnerabilities.
  • Contribute to ongoing support of adherence and / or certifications to information security regulations, frameworks and standards (e.g. SOC2, HIPAA, ISO 27001, NIST CSF, PCI, GDPR and CIS).
  • Partnering with all business functions to ensure agile security designs & controls are implemented and managed as part of cyber security strategy.
  • Determine security violations and inefficiencies by conducting periodic cloud infrastructure audits and review of controls.
  • Proactively support and guide the DevOps and Engineering teams to ensure security is embedded in CI/CD pipeline and SDLC with consideration of frameworks such as OWASP Top 10.
  • Document and drive adoption of cyber security operations and playbooks for detection and response.
  • Provide information security awareness training and support to all employees.
  • Perform strategic, tactical, and operational research on latest cyber threats and trends, and best practice in security infrastructure.
  • Develop scripts for automating Cloud/server functions, including deployment, monitoring, and alerting.

KEY RELATIONSHIPS:

  • Director of DevOps
  • Engineering team
  • Multiview internal and external stakeholder

WORK ENVIRONMENT:

  • Work independently with minimal supervision.
  • Extensive collaboration with team members and other departments

COMPETENCIES PORTFOLIO:

  • Technical Skills – Strong in-depth knowledge as DevSecOps engineer and Cloud technology to perform the role competently. This level of expertise is gained through extensive on the job experience.
  • Problem Solving - Proactive in anticipating and resolving complex problems. Strong analytical and problem-solving skills to meet the requirements of the project are required.
  • Interpersonal Skills – Ability to effectively communicate and collaborate with various team members both internally and externally. Excellent communication skills are required.
  • Initiative – Seeks, accepts, and completes new tasks using own initiative; works independently with little supervision.

KNOWLEDGE, EXPERIENCE AND SKILLS REQUIREMENTS:

  • Bachelor’s or master’s degree in computer science or another relevant discipline.
  • 5+ years of proven hands-on experience as a DevOps, SRE or relevant experience, with 3 year or more DevSecOps or security engineer experience.
  • Thorough understanding and proven hands-on experience of some of the security frameworks and data privacy regulation.
  • Experience in building repeatable/reusable security processes and frameworks.
  • Hands-on experience in DevOps automation and scripting with tools and languages such as Terraform, git, github, bash, python, etc.
  • Experience with SAST, DAST and SCA tools such as VeraCode, SonarCloud, ZAP, etc.
  • Proven security design experience with specific expertise with Cloud Security (AWS, Azure, GCP)
  • Strong security experience with both Linux and Windows operating systems.
  • Strong understanding of 3 or more Security technologies and managing security incidents throughout lifecycle.
  • Understanding of Software coding and agile development methodologies.
  • Experience with orchestration tools/IAC such as terraform, CloudFormation, Ansible, Puppet, Chef, etc.
  • Demonstrated ability to maintain effective relationships across multiple functional areas of an organization.
  • A results-oriented mindset with a passion for delivering quality products that solve users’ problems.
  • Motivated, self-sufficient, resourceful, and work well with minimal supervision.
  • Excellent verbal and written communication skills.

PREFERRED:

  • Development experience with at least one modern language Python, C#, and Java.
  • Experience of infrastructure as code (IaC) tools such as Terraform, ansible, CloudFormation, and its advantages.
  • Experience with various security related tools such as SonarCloud, Wiz, Rapid7, Lacework.
  • Experience with AWS and AWS Certification is considered an asset.
  • CIS Benchmarks and Controls
  • Terraform Certification is considered as asset.

Experience comes in various forms, many skills are transferable, and passion goes a long way. If your experience is this close to what we are looking for, consider applying. We know that diversity of thought makes for the best problem-solving and creative thinking, which is why we are dedicated to adding new perspectives to the team and encouraging everyone to apply.

ABOUT US:

Multiview builds powerful, easy-to-use financial applications for clients across North America. As a leader in the ERP/Financial Software industry, we partner with sophisticated clients across multiple industries to End Month End™.

We are extremely proud of the company we have built. Bringing together professionals with diverse backgrounds, talents, and expertise is vital to making our company stronger.

Our people-first culture is our biggest advantage, and we are excited to share that commitment with you!

WHY JOIN MULTIVIEW?

At Multiview, you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a company culture built to empower and develop our people to be the best they can be, Multiview is THE Software Company for you to learn, grow, create, connect, and lead. We do this by taking care of our employees first.

We strongly believe that a great job should keep you happy both at work and in life and we encourage that by offering:

  • Competitive Compensation with benefits
  • 4 weeks' vacation to start, additional paid time off to supplement work-life balance, wellness, Volunteering Time off and mental health days.
  • Company paid competitive Benefits including Extended Health, Dental, Vision and more.
  • Workplace Flexibility (Choice to work remotely in Canada or from our HQ office in Ottawa, ON)
  • Health and Wellness Perks
  • Continuous growth opportunities, professional development training support and leadership development

APPLICATION INSTRUCTIONS:

Please submit your resume outlining why you are a unique fit for this position by applying to this posting.

We thank all applicants for expressing their interest in Multiview; however, only those candidates selected for an interview will be contacted.

Multiview is committed to providing an inclusive and accessible candidate experience. If you require accommodation during the recruitment and selection process, please let us know. We will work with you to meet your needs.

ACCESSIBILITY & DIVERSITY:

Multiview promotes a diverse, inclusive, and accessible workplace. By embracing diversity, we are building a more effective organization that empowers our employees to be the best that they can be. We know that diversity of thought makes for the best problem-solving and creative thinking, which is why we are dedicated to adding new perspectives to the team and encouraging everyone to apply.

Multiview is an Equal Opportunity Employer, and we are committed to creating a barrier-free working environment for all. In accordance with the Accessibility for Ontarians with Disabilities Act (AODA) and Ontario Human Rights Code, Multiview will provide accommodation throughout the recruitment, selection and/or assessment process for applicants with disabilities, upon request.