Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Go RH

Senior DevSecOps Security Specialist

Go RH

Lead the design and implementation of automated security pipelines (SAST/DAST/SCA), SBOM management, and security-as-code policies. Work with development teams to remediate vulnerabilities and harden Kubernetes and Azure environments.

Posted 6/8/2026full-timeMontréal • 🇨🇦 CanadaSeniorWebsite

Tech Stack

Tools & technologies
AnsibleAzureCloudDockerGoJenkinsKubernetesPythonTerraform

About the role

Key responsibilities & impact
  • Design, implement, and maintain automated security pipelines: SAST, DAST, SCA, container scanning, and IaC scanning
  • Integrate security tools into existing CI/CD pipelines (Bitbucket Pipelines, Azure DevOps) without introducing excessive friction
  • Implement and manage an SBOM inventory
  • Automate vulnerability scanning of container images and third-party dependencies
  • Define and enforce security policies as code: quality gates, vulnerability thresholds, and configuration compliance
  • Establish security guardrails for AI agents used in development (GitHub Copilot, generative code tools)
  • Collaborate with development teams to rapidly remediate vulnerabilities detected in pipelines
  • Contribute to hardening Kubernetes and cloud (Azure) environments
  • Document DevSecOps security standards and provide training to development teams
  • Participate in security impact analyses for change requests

Requirements

What you’ll need
  • Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or a related field
  • 3–5+ years of DevOps experience with a strong security focus, or experience in application security
  • Hands-on experience with CI/CD pipelines (Bitbucket Pipelines, Jenkins, Azure DevOps, GitHub Actions)
  • Practical experience with Kubernetes, Docker, and Azure cloud environments
  • Experience with application security tools: SonarQube, Snyk, Trivy, Checkov, or equivalents
  • Proficiency with Infrastructure as Code (Terraform, Ansible) and GitOps practices
  • Deep knowledge of Kubernetes orchestration platforms and container security
  • Proficient in scripting/programming for automation (Python, Bash, Go or similar)
  • Familiarity with security standards: OWASP Top 10, CIS Benchmarks, NIST SP 800-53
  • Understanding of SBOM concepts (CycloneDX, SPDX) and software supply chain security
  • Ability to communicate and explain security concerns to development teams in plain language
  • Fluency in French and English, both written and spoken — a functional level of English is required to participate in collaborative projects serving a pan-Canadian (or global) client base

Benefits

Comp & perks
  • Hybrid work model aligned with role requirements, with scheduled on-site presence
  • Vacation starting from the first year
  • Opportunities for internal advancement
  • Annual bonus
  • Group insurance plan (dental, vision, and travel insurance)
  • Defined-benefit pension plan
  • Employee wellness: $400 wellness allowance, Employee and Family Assistance Program (EFAP), and telemedicine service

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevOpsapplication securityCI/CD pipelinesKubernetesDockerAzure cloudInfrastructure as Codescriptingvulnerability scanningsecurity policies as code
Soft Skills
communicationcollaborationtrainingproblem-solvingexplanation of security concerns
Certifications
Bachelor's degree in Computer ScienceBachelor's degree in Software EngineeringBachelor's degree in Cybersecurity