Détails du poste
- Lieu de travail : Montreal (Hybride)
- Type de poste : Permanent à temps plein
Description du poste
Work Mode: Hybrid (2 days/week onsite)
We are seeking a DevSecOps Specialist with hands-on experience in the implementation, integration, and operation of the Snyk platform within an enterprise DevSecOps environment. The ideal candidate will help strengthen application security by integrating security controls into CI/CD pipelines, supporting development teams, and ensuring effective vulnerability management.
Responsabilités clés
- Deploy, configure, and administer Snyk solutions within an enterprise environment.
- Integrate Snyk into CI/CD pipelines, preferably using GitLab CI/CD.
- Configure and maintain automated security controls, quality thresholds, and security gates within delivery pipelines.
- Support development teams in identifying and remediating security vulnerabilities.
- Integrate applications and code repositories into the Snyk platform.
- Analyze, assess, and prioritize identified vulnerabilities.
- Manage false positives, risk acceptance processes, and remediation workflows.
- Develop and maintain security dashboards, KPIs, and reports for stakeholders.
- Contribute to the continuous improvement of DevSecOps practices and vulnerability management processes.
Vos futures fonctions et responsabilités
Expérience requise
Minimum of 3 years of experience in Application Security, DevSecOps, or administration of DevSecOps tools.
Minimum of 2 years of hands-on experience with Snyk.
Experience with one or more of the following Snyk modules:
- Snyk Open Source (Software Composition Analysis – SCA)
- Snyk Code (Static Application Security Testing – SAST)
- Snyk Container
- Snyk Infrastructure as Code (IaC)
Compétences techniques
- Experience integrating Snyk into CI/CD pipelines, preferably using GitLab CI/CD.
- Experience configuring automated security controls, quality gates, and security checks.
Strong understanding of the following concepts:
- Software Composition Analysis (SCA)
- Static Application Security Testing (SAST)
- Container Security
- Infrastructure as Code (IaC) Security
- Vulnerability Management and Remediation Processes
Qualifications requises pour réussir dans ce rôle
Expérience pratique souhaitée
- Integrating and managing applications and repositories within the Snyk platform.
- Analyzing, assessing, and prioritizing security vulnerabilities.
- Supporting development teams in vulnerability remediation activities.
- Managing false positives and risk acceptance processes.
- Tracking remediation plans and vulnerability management workflows.
- Creating and maintaining security dashboards, metrics, and reporting.
Profil du candidat
- Excellent communication and collaboration skills, with the ability to work effectively across multidisciplinary teams.
- Ability to clearly communicate security concepts and risks to both technical teams and business stakeholders.
- Strong analytical skills, attention to detail, and ability to work independently.
- Continuous improvement mindset with a focus on automating security practices and processes.
Compensation
CGI provides a reasonable estimate of the salary range for this position. The compensation range is determined based on various factors, including skills, geographic market, experience, education, professional licenses, and certifications. Compensation decisions are made based on the specific circumstances of each candidate.The estimated salary range for this position is $60, to $, CAD.
#LI-AM
Bilingualism (French and English) is required for this position due to the nature of the role requiring interaction with national and global clients.
Compétences
- French
- DevOps
- GitLab
- Infrastructure as a Code
- Quality assurance
- Vulnerability management(IAVM)
