Business group: Cloud & Platform Engineering - integrating application security vulnerability detection tools used by the Bank for static code analysis and SBoM generation
Project:
1 resource will play a key role in developing and deploying components of the strategic solution for Application Security, implementing Software Composition Analysis and SBoM tools in the bank's SDLC.
1 resource will help implement secrets detection tools and governance within the bank. This is a tool that can scan code repositories and other systems for API keys, passwords and PII, raise tickets and generate reports. The resource will help integrate the tool with Bank systems, whether that be Git, Bitbucket or SSO, and do all the integration.
Candidate Value Proposition:
The successful candidate will have the opportunity to work with cutting-edge security vulnerability detection tools, to implement and define best practices in delivering enterprise-scale solutions, and to work with senior/international stakeholders at a top 5 Canadian Bank.
Typical Day in Role:
Solution Design & Integration: Design and implement integrations between vendor APIs and Bank systems to provide seamless automation of SCA and SBoM generation through SDLC processes.
Cloud Management: Assess and implement best practices when configuring cloud SaaS solutions and integrations with APIs.
Collaboration: Work closely with development, operations, and security teams to identify and resolve issues, complete threat risk assessments, and improve existing processes.
Security: Implement security best practices and ensure compliance with industry standards to protect the integrity and confidentiality of our systems and data.
Performance Optimization: Analyze system performance and implement improvements to enhance efficiency, reduce latency, and optimize resource usage.
Disaster Recovery: Design and implement disaster recovery plans to ensure business continuity and data integrity in case of system failures or other unforeseen events.
Candidate Requirements/Must Have Skills:
10+ years of enterprise IT experience
3+ years' experience as a Software or DevOps Engineer
Experience in designing and implementing APIs and automation scripts, and programming in Python (preferred), Bash, Java, or other scripting tools
Experience in designing and implementing automated security scanning in CI/CD pipelines
Experience with SSO, networking, and general OS system administration (Linux and Windows)
Nice-To-Have Skills:
Cloud solution deployment experience (GCP, Azure)
Experience with security tools (SAST, SCA, DAST)
Solution architecture experience
Soft Skills Required:
Strong analytical and problem-solving skills with the ability to devise innovative solutions to complex technical challenges.
Strong communication skills - written and oral
Strong collaborator, team player
Education:
Bachelor's degree in a technical field (computer science)
Best VS. Average Candidate:
Someone who can work independently with stakeholders to implement a solution from design and can constantly update the design. Crucial: takes initiative, is a strong problem solver and strategic thinker who can identify solutions, and has experience with APIs. The best candidates will have used the tools themselves and understand how they work, and will be strong independent developers with programming and automation expertise.
Programming experience with Python (preferred) or Bash/Java is more important than security experience: many candidates in the past have had broader security engineer profiles, and the team needs someone who can program and run scripts in the back end.
Key attributes they are looking for boil down to:
Decent sysadmin knowledge
Strong problem-solving experience
Strong Python development experience
Curiosity and initiative taking
2 most important skills:
1. Problem solving
2. Development, and able to manage their own desktop without guidance
Candidate Review & Selection:
2 Rounds - MS Teams Video Interviews - all panels
Important - PLEASE make sure candidates are OK to complete Codility
Codility will be sent as the first step of the process: multiple choice around system admin concepts with some coding examples (Python for one; the other is language agnostic). 15 minutes to complete, with 1-2 days lead time. Candidates will be invited to interview based on the results.
3 parts to Codility: technology terms and concepts in DevOps (multiple choice, covering general understanding of DevOps and system admin); a coding test in Python to complete a code block; and a language-agnostic coding problem to test programmatic thinking. The whole test shouldn't take more than 15 minutes. Its purpose is to understand the candidate's domains of knowledge and probe on them in the interview.
1st interview - 30-45 minutes - panel of project team members (HM, technical resources) - initial assessment with senior team members to assess fit.
2nd interview - 45 minutes - follow-up interview with technical team members probing on technical expertise and project experience.