DevSecOps Engineer (Senior)


Kitchener City, Ontario, CA / Toronto, Ontario, CA
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 05/30/2021
  • Website:
  • Company Address:

About ApplyBoard

At ApplyBoard, we believe that education is a right, not a privilege. We empower people around the world to access the best education available. Through our platform and team of experts, we streamline the application process, from submission to enrolment, assisting thousands of students to pursue their dreams of studying abroad.

Job Description

We’re building a movement - an education revolution. We’re building a world where anyone, anywhere can have access to the best education regardless of where they were born. At our core, we believe education is a right, not a privilege. To that end, we’re building a company and a suite of products to lead the charge in transforming access to education. ApplyBoard is an online platform that empowers students around the world to access the best education by connecting international students, recruitment partners, and academic institutions. We simplify the study abroad search, application, and acceptance process. Not only do we help students with their study abroad journey, but we also help academic institutions to find the best students globally. Our goal is to help enable better, more diverse, schools that are enriched with cultures from all over the world.
The Opportunity:
As a Senior DevSecOps Engineer, you will be a hands-on technical leader within the Cloud Services team. You will be working under the direction of the DevSecOps team lead to provide a secure infrastructure for development and production environments.  You will implement industry best practices focused on cloud and application security, using an array of tools, cloud services, and third-party integrations to improve the overall security posture at ApplyBoard. Within this role, you will interact with other DevOps teams, software engineering leads, security analysts, development managers, data governance managers, auditors (internal and external), and business managers to develop and evaluate both new and existing technologies. The Senior DevSecOps Engineer will help deliver on new initiatives as well as helping the team troubleshoot and maintain existing systems as the need arises

What you’ll be doing every day:

    • Lead the security strategy governing the cloud-based platform infrastructure
    • Define and own guidance, alerts, and security as code deployments to provide protection from malicious traffic, vulnerabilities, and other attack vectors
    • Oversee building and maintaining a modern cloud infrastructure architecture that aligns to business requirements and industry security, compliance, performance, and resilience best practices
    • Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
    • Architect procedures to automate security tasks that seamlessly integrate into code builds and deployments
    • Build security utilities and tools for internal use that enable the DevSecOps team to operate at high efficiency
    • Develop security and compliance capabilities in support of DevOps processes
    • Research security industry trends and best practices to share with the organization through presentations and training sessions
    • Research, prototype, and implement new services and/or tools to support the delivery of capabilities in our engineering roadmap
    • Lead investigation and implementation of tools for continual improvement in our monitoring, alerting, and response systems.
    • Own the management and remediation of potential security risks within our development and production environments
    • Perform deep-dive architectural and application design reviews, documenting existing environments with high levels of detail through architectural diagrams and technical summaries
    • As needed, assist with escalations in support of operational issues
    • Analyze service stack and make recommendations for further improvements
    • Provide documentation and training to improve security best practice awareness across the company
    • Identify processes and capabilities that can be streamlined and automated

What you bring to the table:

    • 5+ years of practical hands-on DevSecOps experience designing, securing, and operating, web-based commercial SaaS products that users love (in any modern tech stack)
    • Expert level understanding of security best practices for client-server product architectures for cloud-based deployments
    • In-depth knowledge of AWS services, best practices, and hands-on experience
    • Cloud and security certifications (Ex. AWS (SA Professional, Security Specialist preferred) GCP, Azure, CISSP, CCSP, CCSK
    • Experience in performing security vulnerability assessments
    • Experience with IAM
    • Knowledge of SSO methodologies (SAML, LDAPS, AD).
    • Experience in DevOps environments and maintaining security in CI/CD processes
    • Experience with Kubernetes and containerized applications and understanding how to secure these
    • Experience developing infrastructure as code (Ex. - Terraform, CloudFormation, AWS CDK)
    • Experience designing processes around DevSecOps tools
    • Experience with cloud-based security management/IDS/IPS/SIEM tools (WAF, Inspector, GuardDuty, New Relic, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, Sumologic, Imperva, etc)
    • Knowledge of network-based, system-level, and application layer attacks and mitigation methods
    • Experience extracting security data from SIEM solutions, audit logs
    • Strong hands-on experience with DevOps practices and CI/CD pipelines 
    • Intimately familiar with SaaS software development, Preferably has a software development background.
    • Great communication skills.  (Yes, everyone writes that - but we really mean it.)
    • Demonstrated ownership and pride in the quality of the software and infrastructure you work on, and the way that it succeeds in meeting the needs of its users
    • Ability to explain and defend an informed opinion while maintaining an open mind

Ideally, you also have experience with some of:

    • ELK stack
    • Relational databases, MongoDB, RedShift, DynamoDB
    • SalesForce, NetSuite, SendGrid
    • Dynatrace, Prometheus, Grafana
    • AI/ML services and MLOps pipelines (SageMaker, Kubeflow, Airflow)
    • Microservices, RESTful APIs, JSON, Kafka
    • Node, React, Ruby, Python
    • Developing and maintaining products that are used by many thousands or millions of people
    • EdTech, eCommerce, or content-management software
    • ITIL
    • Service Ticketing Systems

What We Offer:

      • The opportunity to have an impact on a product that is positively affecting change to thousands of students lives every day
      • Working alongside a brilliant and globally diverse team based in Waterloo and Toronto
      • Great compensation and benefits package to keep you healthy and happy!
Thank you for your interest in ApplyBoard; however, only those applicants that have been selected for an interview will be contacted.  At ApplyBoard, we understand the value of having a diverse team. That’s why we believe in providing equal opportunity regardless of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, disability, and conviction. Please let us know if you require accommodation during the recruitment process. 
Life at ApplyBoard:
By joining our team, you have the opportunity to join the fastest-growing technology company in Canada, with many opportunities for growth and advancement. Work alongside a globally diverse team of over 800 team members based in 18 countries, who represent over 30 nationalities and speak more than 40 languages.
Make a difference in the lives of thousands of students as they explore educational opportunities. Want to learn more about Life at ApplyBoard? Check out this video, and be sure to follow us on our Life at ApplyBoard Instagram. 
About ApplyBoard
ApplyBoard simplifies the study abroad search, application, and acceptance process by connecting international students, recruitment partners, and academic institutions on one platform. To date, ApplyBoard has become the world’s largest online platform for international student recruitment, assisting more than 100,000 students with their educational journey.
 In 2019, ApplyBoard was named the fastest-growing technology company in Canada by Deloitte, ranking #1 on the Technology Fast 50™ list. In 2020, ApplyBoard announced a C$170M Series C funding on a C$2B valuation, reaching a ‘Unicorn’ status. This funding will allow us to further invest in our technology, grow our team, and serve more students on our mission to educate the world. 
Thank you for your interest in ApplyBoard. Please note that only qualified applicants that have been selected for an interview will be contacted.  
At ApplyBoard, we understand the value of having a diverse team. That’s why we provide equal opportunity to applicants regardless of race, nationality, ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, disability, and conviction.

Related Jobs

International Recruitment Manager (Delhi)

ApplyBoard - Delhi, IN

International Recruitment Manager (Gujarat, India)

ApplyBoard - Gujarat, India

International Recruitment Manager (Kolkata)

ApplyBoard - Kolkata, IN

International Recruitment Manager (Mumbai)

ApplyBoard - Mumbai, IN

International Student Recruitment Manager (Hong Kong)

ApplyBoard - Hong Kong
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.