AppSec/DevSecOps Consultant (Bilingual)

* Please note that this is a bilingual EN/FR position *

About Arctiq:

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries.

Overview

Arctiq is growing, and we are looking for a DevSecOps Consultant with strong communication skills, a results-oriented mindset, and a passion for presenting and teaching. As part of our dynamic team, you'll collaborate with talented and like-minded industry individuals, driving advanced software-based platform solutions for our clients. You will work with development, operations, and security teams to ensure that security is seamlessly integrated into the entire software development lifecycle. Your primary focus will be on automating security processes, identifying vulnerabilities, and implementing solutions to mitigate risks. Embrace a culture of continuous learning and tech experimentation as we navigate the forefront of emerging technologies.

Role Responsibilities

• Guide end-to-end client involvement, covering opportunity identification, proposal processes, architecture and design, and project delivery. Follow industry standards, delivering top-tier solutions to our valued customers.
• Assess, recommend, and implement DevOps technology solutions in alignment with client business requirements, ensuring a strategic fit and optimal functionality.
• Lead clients towards industry best practices in cloud adoption and innovative business engagements, fostering a transformative approach to technology solutions.
• Collaborate with client development teams to promote transparency in processes, ensuring a clear understanding of roles and responsibilities across the Software Development Life Cycle (SDLC).
• Develop innovative solutions, architectures, proof of concepts, demo/lab environments, and compelling business cases. Showcase the benefits of digital transformation programs and the adoption of cutting-edge solutions.
• Work closely with the Project Management Office (PMO) to provide visibility into project delivery scope, timelines, and expectations. Ensure the delivery of high-quality projects on time and within budget.
• Collaborate with Partner and Marketing teams to develop content, including sales collateral, blog posts, podcasts, and live workshops. Present at company and partner events, contributing to thought leadership in the industry.
• Provide mentorship and coaching to junior team members, fostering professional development. Actively participate in professional associations, industry events, and community engagements, contributing intellectual property (IP) development.
• Keep abreast of industry trends and technology developments by maintaining partner certifications and actively participating in technology events.

How will you stand out?

• Bilingual French & English

• Experience with SAST, DAST, IAST, RASP tools for meticulous source code and application security and vulnerability analysis.
• Experience with CNAPP concepts and seamless integration within AWS, GCP, Azure environments.
• Knowledge of container and Kubernetes hardening, emphasizing security best practices.
• Knowledge of secure coding practices and the ability to review and provide guidance on application code for security vulnerabilities.
• Capable of conducting security code reviews to identify complex security issues that automated tools might miss.
• Experience in integrating security seamlessly into SDLC CI/CD pipelines for automated checks and validations.
• Proficiency in conducting threat modeling exercises to identify and mitigate potential security threats early in the development process.
• Implementation of secure logging practices with observability tools for proactive threat detection.
• Ability to create and maintain comprehensive security documentation, including requirements and guidelines.
• Proactive promoter of a security-first mindset, advocating robust security within the DevOps culture.
• Enthusiastic about Application Security, staying abreast of industry advancements and driving improvements.

What will you bring to the role?

• Over 5 years of hands-on experience in technical infrastructure (cloud and on-premise), encompassing systems design, deployment, maintenance, and troubleshooting.
• Over 2 years of experience in Software Reliability Engineering/Systems Engineering/DevOps role is required
  
• Over 2 years of experience with provisioning infrastructure through IAC (preferably Terraform) and cloud automation principles
• Demonstrated and applied experience in establishing and delivering complex projects, showcasing a track record of successful implementations.
• Experienced in configuring, deploying, and maintaining containers and related orchestration platforms, including Docker, Kubernetes, OCP, GKE, and AKS.
• Proficient use of SCM tools such as Git, GitHub, and GitLab for efficient version control and collaborative development.
• Experience with automation and configuration management solutions, utilizing tools like Ansible, Terraform, Octopus Deploy, AWS Config, and Azure Automation & Control.
• Skilled at coding and scripting languages, including but not limited to Python, Perl, BASH, and Typescript.
• Proven experience with API management platforms and tools such as Apigee-X, PostMan, AWS API Gateway, Azure API Management.
• Experience in secrets management solutions like KMS, HSMs, Hashicorp Vault

Desired Certifications:
* Preference will be given to those applications who have some of the following, general cyber security certifications may also be considered.

• SAST tools (Snyk, Checkmarx, GitHub Advanced Security)
• CNAPP tools (Lacework, Aqua, SysDig)
• Public Cloud Professional Certifications (Azure, AWS, GCP)
• CNCF Kubernetes Certification (CKA, CKS)

Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know.

We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.

We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.