Title: DevSecOps Engineer
Location: 100% Remote (Vancouver preferred)
Duration: 1 year (with the possibility of extension)
Travel: Business travel (North America) 5% - 15% (circumstance-dependent)
High-Level Description
We are seeking a skilled and proactive DevOps/Security Engineer to join our team at ACRE. This role is critical for ensuring the reliability, security, and efficiency of our systems. The ideal candidate will have a strong background in DevSecOps practices, AWS cloud infrastructure, and security protocols, with a passion for optimizing processes and safeguarding systems.
Specific Accountabilities
- Monitor system performance and reliability, ensuring high availability and responsiveness of the ACRE platform.
- Implement and manage cloud infrastructure on AWS.
- Collaborate with software engineers and product teams to integrate security best practices throughout the development lifecycle.
- Incorporate and maintain security assessments and vulnerability scans into the delivery cycle.
- Oversee penetration and ethical hacking testing.
- Develop and maintain documentation for infrastructure configurations, deployment processes, and security protocols.
- Stay current with industry trends and emerging security threats, applying new techniques and technologies to enhance the security posture of the organization.
- Provide support for incident response and disaster recovery planning, ensuring business continuity in the event of a security breach or system failure.
Scope
- Critical role as a member of the ACRE team, integrating security best practices throughout the development lifecycle and improving deployment efficiency.
- Supports the short-, medium-, and long-term goals of the company, up to and potentially including an external sale process.
- As part of a start-up environment, this role requires building strong relationships and collaborating closely with the Technical, Marketing, and Sales teams.
Contacts
- Internal: Communication with corporate functions (including Insurance and TIS).
- External: Communication with external customers or service providers (including Brokers, Advisors, Developers, and others).
Knowledge and Skills
Required
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- 7+ years of experience in DevOps, cloud engineering, or security engineering (preferably in a startup or fast-paced environment).
- Proven ability to manage and secure AWS environments across multiple accounts using AWS Organizations, IAM, centralized logging, and cost/resource governance.
- Strong proficiency with common AWS services (ECS, S3, Lambda, Route53, RDS, DynamoDB, etc.).
- Experience with infrastructure as code (IaC) tools such as Terraform for managing cloud resources.
- Familiarity with GitHub Actions CI.
- Hands-on experience implementing security controls such as SCA/SAST/DAST scanning, secrets management, and compliance monitoring aligned with SOC 2, ISO 27001, or similar standards.
- Proficiency in Terraform for provisioning and managing secure, scalable cloud infrastructure in a repeatable and auditable manner.
- Experience integrating AWS services (CloudTrail, GuardDuty, CloudWatch) with enterprise SIEM platforms (Splunk, Sentinel, QRadar) for centralized log ingestion and correlation.
- Ability to design and implement real-time monitoring and alerting solutions using CloudWatch, EventBridge, and third-party observability platforms, defining actionable alerts and escalation workflows.
- Solid understanding of security best practices, including network security, application security, and data protection.
- Excellent problem-solving skills and the ability to work independently and collaboratively in a team environment.
Preferred
- Knowledge of compliance frameworks and regulations relevant to the insurance or legal industries (e.g., GDPR, HIPAA).
- Familiarity with monitoring and logging tools (e.g., Prometheus, Grafana, ELK Stack) to ensure system health and security.
- Relevant certifications (e.g., AWS Certified DevOps Engineer, CISSP) are a plus.
