Job Description

Location Address: Hybrid - Scarborough -2 days/week split between the 2 locations, can work from one or the other (HM does Tues at Scarborough and Thurs downtown, can be flexible but 2 days onsite minimum required)
Subject to change: 3-4 days onsite may be required based on business needs
Number of Positions: 2
1 position: 8 months
1 position: 3 months
Possibility of extension & conversion to FTE for both
Schedule Hours: 9am-5pm Monday-Friday;standard 37.5 hrs/week
Story Behind the Need
Business group: Cloud & Platform Engineering - integrating application security vulnerability detection tools used by the Bank for static code analysis and SBoM generation
Project:
1 Resource will be playing a key role in developing and deploying components of the strategic solution for Application Security implementing Software Composition Analysis and SBoM tools in the bank's SDLC.
1 resource will help implement secrets detection tools and governance within the bank -this is a
Tool that can scan code repositories and other system for API keys, passwords, PII -raise tickets and generate reports -resource will help integrate tool to Bank systems whether that be Git Bitbucket SSO and do all the integration
Candidate Requirements/Must Have Skills:
1. 10+ years of enterprise IT experience
2. 3+ years'experience as a Software or DevOps Engineer
3. Experience in designing and implementing APIs, automation scripts and programming using python (preferred), bash, java, or other scripting tools
4. Experience in designing and implementing automated security scanning in CI/CD pipelines
5. Experience with SSO, Networking, and general OS system administration (linux and windows).
Nice-To-Have Skills:
1. Cloud solution deployment experience (GCP, Azure)
2. Experience with security tools (SAST, SCA, DAST)
3. Solution architecture experience
Soft Skills Required:

• Strong analytical and problem-solving skills with the ability to devise innovative solutions to complex technical challenges.
• Strong communication skills-written & oral
• Strong collaborator, team player

Education:
Bachelors in technical field (computer science)
Best VS. Average Candidate:
Someone who can work independently with stakeholders to implement solution from design, constantly able to update design -Crucial: taking initiative, strong problem solver and is a strategic thinker and can identify solution;experience with APIs. The best candidates will have used the tools themselves and understand how they work, strong independent developer, with programming and automation expertise.
Programming with python (preferred), dash/java experience is more important than security experience as many candidates in the past have had more broad security engineer profiles and need someone who can program and run scripts in the back end
Feedback from interviews:
In general, the candidates are all fairly strong, but many lack a breadth of experience that we're looking for that would allow them to quickly integrate into our projects and be able to work independently.
Key attributes they are looking for boil down to

• Decent sysadmin knowledge
• Strong problem solving experience,
• strong python development experience
• Curiosity and initiative taking

Candidate Review & Selection
2 Rounds -MS Teams Video Interviews -all panels
**Important -PLEASE Make sure candidates are OK to complete codility
Codility will be sent as first step of the process -multiple choice around system admin concepts with some coding examples (python for 1 and other is language agnostic) -15 minutes to complete -with 1-2 days lead time and will invite to interview based on the results
3 parts to codility -technology terms and concepts in DevOps -MC -general understanding of DevOps and system admin;coding test in python to complete a code block;coding problem, language agnostic, to test programmatic thinking -whole test shouldn't take more than 15 minutes -to understand domains of knowledge they have and probe on that in interview
1st interview -30 minutes-45 minutes -panel of project team members (HM, technical resources) -initial assessment with senior team membership to assess fit.
2nd interview -45 minutes - follow-up interview with technical team members probing on technical expertise and project experience
Hiring Manager's availability to interview: ASAP
***NOTE: *** will review any requests for accommodations put forward by Suppliers***

Skills Required