Insight Global is looking for a DevSecOps Practitioner for one of our top clients. This is a 6 month contract, with a high likelihood of extensions. It is preferred that a candidate sits in Calgary, Saskatoon or Loveland, Colorado; however, it is a remote opportunity. The Cyber DevSecOps Practitioner will focus on integrating security throughout the software development lifecycle (SDLC). This includes working with the dev team in identifying, assessing, and remediating vulnerabilities in code, infrastructure, and applications. Previous experience working as a developer is a must for this role. Additionally, the position will be responsible for providing teams with guidance on cyber security issues that need to be remediated.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
- 5+ years experience as a developer. Have a full understanding of full stack application development and mobile development on IoS and android.
- Experience writing and running queries to prepare metrics reports and dashboards
- Understanding of scanning tool APIs to architect integrations with other tools
- Familiarity with security and risk standards including ISO 27001-2, ISTO 31000, PCI DSS, NIST, ITIL, COBIT, CVSSv4, MITRE ATT&CK
- Understanding of various operating systems (Windows, Unix, MacOS etc.); cloud concepts (secure build images, ephemeral workloads, cloud patching etc.); knowledge of networking fundamentals
- Hands on operational experience with vulnerability management scanning tools (e.g. Qualys, Rapid7, Tenable, CrowdStrike, Trufflehog, Gitleaks, Synk) including the ability to deploy, configure, and run these tools.
- Bachelors degree in the field of Computer Science, Information Systems, Engineering, Business or related field and a minimum of 6 years of related work experience; or a master's degree and 5 years of related work experience.
CISSP or other relevant cybersecurity certification is preferred
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.