New Value Solutions, a national IT consulting company, is seeking a Security Engineer to join a DevSecOps team working with Enterprise Development, Innovation, Common Engineering, and Operations teams. The objective is to identify application, infrastructure, and system-level technology security risks, identify and evaluate critical failure points, determine security controls and policies to mitigate risks, and prioritize and schedule these controls within application delivery timelines. Additionally, the successful candidate will assume a hands-on role in implementing remediations.

This candidate will also drive the GenAI security strategy, enhance Cloud application security policies in Azure, and assist in maturing their security engineering program. The Senior Security Engineer will take the lead in developing innovative security tools, mentoring other members of the client's DevSecOps team, and partnering closely with development teams to deliver secure, cutting-edge applications. By bridging technical expertise with strategic thinking, this role will be critical in ensuring that security remains a core component of innovation and operational excellence.

Responsibilities:

• Partner with architecture, application, security, and operational teams to identify security patterns, requirements and drive security on AI and Cloud application projects.
• Research new security threats for GenAI systems and mechanisms for defending against such threats, to continuously improve security guidance and solutions.
• Collaborate with cloud engineers and application developers to build automated tooling and solutions that support teams throughout their software development journey.
• Define security controls for implementation of platforms using AI/ML using a combination of Cloud-native and On-Premises Security tools and applications.
• Conduct security reviews and recommendations for IaaS, PaaS, and SaaS Cloud environments, cloud applications, and AI solutions.
• Develop Cloud Security requirements and policies for IaaS, PaaS, and CaaS environments built using Terraform.
• Design and implement security controls and policies with Microsoft Defender Suite, Microsoft Security Center, and equivalent security tools for Cloud applications.
• Document security guardrails for AI and cloud application security and build the knowledge within the team of security engineers.

Requirements:

• Undergraduate degree in Computer Science or STEM (Science, Technology, Engineering or Math).
• 10+ years of work experience in progressively complex roles focused on information security and secure application development.
• 1+ years of experience in securing GenAI solutions.
• Demonstrated subject matter expertise in Application Security, API security, and GenAI/LLM security.
• Programming expertise with C#, Python, and Agile SDLC processes.
• In depth experience with threat modeling, secure code reviews, and penetration testing.
• Experience architecting and leading security for Cloud native applications in Azure.
• Demonstrated expertise in product/application security architecture, network security, application security, web services, Angular, JavaScript.

Preferred Knowledge and Experience:

• Expertise in the security of Gen AI models, including multi-modal models.
• Experience in performing the penetration testing for GenAI models and related solutions.
• Experience with the security of automation built around Gen AI inputs and outputs.
• Knowledge of Azure cloud architecture, Azure Defender, and Azure Security Center policies.
• Experience in defining and documenting security reference architectures and standards.
• Experience with automation tools associated with Azure DevOps and CI/CD pipelines, and with security tools integration into CI/CD.
• Experience in automation of security controls for Azure and CI/CD pipelines.
• Experience with SAST/DAST/SCA tools like BurpSuite and Mend.
• Knowledge of Secure SDLC frameworks such as NIST SSDF, OpenSAMM, and BSIMM.

If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.

ID# 4725

The hourly rate range for this position is $85 - $110, with the final rate based on consultant experience and fit for the role.