About The Role
Are you a cloud security professional who loves bridging the gap between engineering and security operations? At Canstar, our Technology team builds and operates the core ecosystem powering services for all our internal and external customers. We are looking for a DevSecOps Engineer to join our team. In this role, you will integrate cloud engineering, security operations, and security engineering to maintain and monitor our overall security posture. You will be assisting with our security roadmap, identifying risks, leveraging automation to eliminate repetitive tasks, driving good governance, and designing agile cloud solutions that ensure fast, secure deployment.
What You'll Do
* Maintain and patch cloud infrastructure to meet SLAs and security standards. Monitor alerts, logs, and events to proactively investigate potential incidents.
* Manage infrastructure security projects that align with the business's risk appetite, improving our security posture while adding commercial value.
* Design, implement, and maintain security controls across our networks, systems, and applications. Perform vulnerability assessments and support penetration testing.
* Embed security seamlessly throughout the development lifecycle (SDLC) and provide security awareness training and updates across IT teams and the Security Committee.
* Follow Agile practices to optimize team processes, evaluate emerging technologies, and coach/mentor junior infrastructure team members.
* Support Business Continuity and Disaster Recovery planning, perform impact analyses on major design options, and utilize adaptive systems design.
What You'll Bring
* 5+ years of experience in DevOps/CloudOps (AWS and/or GCP) and a Bachelor's degree in IT, Computer Science, Cyber, or equivalent experience.
* 3+ years building secure infrastructure and managing security systems (firewalls, IDS, SIEMs, log management, vulnerability scanners).
* Advanced proficiency with Kubernetes (EKS), Docker, Terraform, Python, and CI/CD pipelines.
* A strong understanding of NIST, ISO 27001, The Data Privacy Act, and Essential 8.
* Exceptional problem‐solving skills in unfamiliar territory, a knack for automating tasks (and adopting AI tools), and experience translating security data into an actionable backlog.
* Strong collaboration, change management, and communication skills to effectively share security strategies with stakeholders at all levels.
Bonus Points For
* Certifications such as CISSP, CCSP, CompTIA Security+, AWS Security Specialty, or AWS Solutions Architect Professional (or GCP equivalents).
* Experience managing and securing Google Workspace.
At Canstar Group, our inclusive vision is to create a workplace where our people feel safe and confident to bring their unique selves to work. We are committed to celebrating each individual's unique backgrounds, experiences, abilities and perspectives. As an Equal Opportunity Employer, we invite applications from all individuals regardless of race, national origin, gender, sexual orientation, age, religion, or disability. If you have a disability or specific access needs, we encourage you to discuss any adjustments you may need to our recruitment process.
How Can You Join The Team
If this sounds like you, and you are up for a fresh challenge with a great company, please click apply now and ensure that your CV and cover letter has been uploaded to your profile. Recruitment agencies: We politely ask that you refrain from contacting our People & Culture team or hiring managers directly. Canstar does not accept any unsolicited referrals from recruitment or job placement agencies.
#J-18808-Ljbffr