Skip to content

Security Engineer-Automation Engineer

  • On-site
    • Ottawa, Ontario, Canada

Job description

Location:         On-site in Ottawa, ON

                        Must be willing to relocate

Term:               Full time, permanent   

The Security Automation Engineer is responsible for analyzing, designing, implementing, and maintaining security best practices in applications, IT infrastructure, and operations. The role requires conducting security assessments, automating security scans, ensuring compliance with industry standards, and collaborating with internal teams to strengthen the organization's security posture.

Your responsibilities include:

  • Analyze, test, and assess system security requirements, identifying potential vulnerabilities and implementing risk mitigation strategies.

  • Design, develop, test, implement, and oversee IT Security Systems within the Secure Software Development Lifecycle (SDLC).

  • Maintain and monitor automated security scans, including Web Security, OS Security, Network Security, and Third-Party Software Compliance Scans.

  • Investigate and resolve failures during security scans to enhance system security, efficiency and overall quality of software products.

  • Review existing IT systems and internal processes to ensure compliance with security best practices.

  • Perform vulnerability assessments, penetration testing (SAST, DAST, internal application & infrastructure testing), and secure code reviews.

  • Lead and manage compliance programs, including SOC 1/2/3, PCI DSS, HIPAA, ensuring adherence to regulatory frameworks.

  • Develop and implement policies, procedures, and quality assurance and security tests to improve security within IT infrastructure and throughout the software development lifecycle.

  • Provide security guidance for cloud computing products and services, particularly AWS (IAM, EC2, S3, VPC, Route 53, etc.).

  • Manage system upgrades and dependency management, including migrating internal images from Debian 11 to Debian 12, handling major library updates (PHP, Python, cURL), and resolving UID-related issues affecting data volumes in container builds.

  • Implement security and quality assurance solutions using Jenkins and cron jobs to streamline obsolete/legacy build management while overseeing MongoDB database updates and migrations across Debian versions.

  • Utilize Git/SVN, Jenkins, WAF, IDS/IPS, DDoS prevention tools, OWASP security frameworks, and secret detection tools to improve security posture.

  • Utilize SIEM tools for real-time monitoring and analysis of security alerts from cloud infrastructure and applications.

  • Oversee Incident Management, Change Management, Security Policy Management, and Security Incident Response processes. Analyze and triage vulnerabilities, providing risk mitigation strategies and preventative measures.

  • Collaborate with development teams using Jenkins, GitOps, and Make while leveraging JIRA to track, prioritize, and remediate vulnerabilities, ensuring applications utilize secure, up-to-date base images.

  1. Maintain documentation on IT security, compliance requirements, and best practices to enhance team collaboration and knowledge sharing.

Job requirements

  • A Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or a related field.

  • Minimum of 4+ years of experience in an application/product security role.

  • Experience in security compliance and audit preparation for SOC 2, PCI DSS, HIPAA, and other industry standards.

  • Strong knowledge of security best practices within cloud environments, particularly AWS

  • Hands-on experience with security testing methodologies, including OWASP, vulnerability scanning, penetration testing, and risk assessments.

  • Proficiency in scripting languages such as Python and Bash for automating security tasks.

  • Familiarity with security tools like Secret Manager, Tenable/Nessus (DAST), and SIEM solutions.

  • Strong analytical and problem-solving skills in a fast-paced security environment.

  • Excellent communication skills to effectively collaborate with cross-functional teams and stakeholders.

High Tech Genesis Inc. is an Equal Opportunity Employer. Diversity and inclusion are at the core of our values.

Please be advised:

  1. Applicants must have the legal right to work in Canada.

  2. Kindly submit your resume in MS Word format upon application for this position.

or