CoLab Software is a team of passionate and driven engineers, developers and innovators who are setting the new standard for engineering collaboration. We take pride in our ability to continuously learn from each others’ unique skill sets and perspectives, and apply that knowledge to solve customer problems. Our rapid growth and continuing success mean we have an opening for an experienced DevSecOps-Cloud Security Specialist.
Fortune 500 manufacturing companies and industry leading design firms rely on CoLab to securely share and review design data, and build higher quality products. We are looking for that special someone to help build and shape the future of CoLab’s enterprise security program and cloud infrastructure platform. In this role you will be critical in the decision making process, and play a key role in the design and implementation of core security infrastructure to support the security framework that is key to the CoLab platform.
The ideal candidate possesses:
- strong technical and analytical skills, providing accurate analysis of, and solutions to, security-related problems and challenges;
- a high degree of tenacity, ingenuity, creativity, independence, flexibility, and aptitude;
- a strong sense of ownership, team responsibility and team trust;
- the ability to function in a fast-paced environment; and,
- passion and enthusiasm.
As a DevSecOps-Cloud Security Specialist at CoLab you will:
- be an essential member of the team in this hands-on role that requires a high degree of technical security expertise in a cloud ecosystem (AWS);
- have strong knowledge and experience in secure software development including web and mobile application development, AWS development and automation (e.g. AWS Lambda) and Infrastructure as Code (e.g. Terraform);
- implement cyber security solutions to monitor, detect and react to real time attacks and breaches, consistent with the goals and risk tolerance of the organization;
- conduct security testing and configuration review of cloud based infrastructure, web and mobile applications including code review, penetration testing and other security testing as required;
- assist in designing, building and maintaining corporate IT solutions and IT infrastructure;
- expand your skills and experience to proactively stay current with developments in relevant technologies;
- tap into your knowledge, passion and experience to contribute meaningfully to CoLab’s purpose;
- assist in providing security mentorship and training on security awareness and secure software development practices to the entire company; and,
- work with inspiring leaders who support your development, both personally and professionally.
The role and responsibilities of the DevSecOps-Cloud Security Specialist will continue to evolve, influenced by changes in business demands, technologies and security threats. Every team member at CoLab will, from time to time, be required to complete “other duties as assigned.” The ideal candidate will be flexible and willing to take on new challenges and complete tasks that may be considered outside the traditional scope for their role. Team members are expected to take on these responsibilities as required to support and contribute to the company and product vision, ideation and planning from a security and IT perspective.
- Knowledge and experience in software development, secure software development life cycle, secure code review and security testing (web application penetration testing).
- Strong knowledge of network architecture, security event monitoring, offensive and defensive techniques, vulnerability management and forensics, as well as intrusion techniques and practices.
- Knowledge and experience in DevOps environments including maintaining security in CI/CD processes and deployment tools such as Terraform Cloud & Ansible.
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment.
- Proficiency in AWS CLI/API, shell scripting, and Python.
- Knowledge of AWS architecture and services, automation strategies and tools.
- Experience working with AWS container and microservices technology, real time scalability and highly available solutions.
- Experience with AWS security services.
- Experience in cloud based Web Application Firewall and DDoS protection services.
- Knowledge of network based, system level, and application layer attacks and mitigation methods.
- An in-depth understanding of cybersecurity issues, log management and analysis.
- Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security.
- Ability to clearly and effectively communicate concerns and issues to other teams.
- Experience in developing, documenting, and maintaining security procedures.
- Solid understanding of threat modelling, vulnerability management & incident mitigation.
Industry recognized professional certification such as AWS Solutions Architect, OSCP, CISSP, GWAP, or other relevant certifications would be a valuable asset.