DevSecOps Engineer

3 Lý do để gia nhập công ty

• Hybrid and flexible working environment
• Innovative Product
• Growth Opportunities

Mô tả công việc

DevSecOps Engineer is responsible for deploying and managing security tools, ensuring seamless integration across cloud and on-premises environments. This role includes vulnerability management, incident response, compliance with industry standards, and conducting security audits to safeguard the organization's infrastructure.

About PAVE - A product of Discovery Loft

PAVE 🔧🚗is an innovative automotive technology company transforming the way the world inspects vehicles. Powered by Intelligent Damage Detection capabilities, PAVE enables anyone with a smartphone to complete a guided vehicle inspection simply by taking photos of their car.

Headquartered in Toronto, our team brings deep expertise from both the automotive and technology industries, blending the best of artificial intelligence and automotive intelligence.

For more information, visit pave.ai.

What We’d Love From You

• Be open minded to things you do not know,  consistently learn  and grow the skills necessary for the job Be ready to adjust and implement new plans in a fast paced environment Be confident and responsible; responsible down to a single line of code. 
• Always be working on self improvement; willing to review your progress and see how you can make it better 
• Getting the job done is a priority. 
• Have good sportsmanship and be competitive; we have structured the responsibilities to be somewhat like a game! 
• Be respectful and helpful to others and your working environment
• Treat yourself well and save the Earth.
• Be motivated, creative and passionate - it will ignite the rest!

Responsibilities

• Security Systems & Integration:
  Deploy and configure security tools such as PAM, SIEM (Splunk), EDR/XDR/NDR, IAM, and cloud security platforms.
  Integrate these systems with existing infrastructure, ensuring seamless operation across cloud and on-premises environments.
• Vulnerability & Risk Management:
  Perform vulnerability assessments, manage security patches, and track threat intelligence.
  Prioritize vulnerabilities based on severity, ensuring remediation within SLA.ư\
• Incident Response & Monitoring:
  Contribute incident response efforts, managing the process from detection to mitigation.
  Use SIEM and EDR tools for real-time security monitoring and alert management.
  Develop and maintain incident response playbooks and escalate issues when necessary.
• Compliance & Endpoint Security:
  Ensure security systems comply with frameworks like ISO 27001, SOC2, and GDPR.
  Manage endpoint security through MDM solutions, ensuring secure configurations and device management.
• Security Audits & Penetration Testing:
  Conduct penetration tests and security audits to assess system vulnerabilities and recommend improvements.
  Apply CIS, STIGs, and other security benchmarks to infrastructure.

Yêu cầu công việc

Requirements

• Familiarity with data engineering and building data intensive applications
• Ability to manage multiple concurrent projects and initiatives
• 3+ years work experience securing enterprise-scale infrastructure software and services
• 2+ years work experience writing code in at least one of this languages Golang, Python, Javascript, PHP
• Experience in managing endpoints (macOS, iOS and ChromeOS) using MDM solutions, specifically defining and applying secure configurations.
• Experience in reviewing distributed systems design and conducting threat model assessment of infrastructure software and services.
   
• Preferred qualifications:
  Professional Google Workspace Administrator and Certified Information Systems Security Professional (CISSP) certifications
  Experience applying CIS benchmarks and/or STIGs
  Experience with SIEM, SOAR and cloud data management systems (e.g. Chronicle, Databricks, Trino)
  An ability to think creatively and holistically about reducing security risk in a complex environment
  Proven ability to analyze, troubleshoot and resolve complex technical problems
  Well versed in network design and network security best practices.
• Soft Skills:
  Strong problem-solving, and decision-making abilities.
  Excellent communication and interpersonal skills.
  High adaptability in a fast-paced, dynamic environment.

Education: Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.
 

Tại sao bạn sẽ yêu thích làm việc tại đây

1. Competitive Compensation & Perks

• Attractive salary package.
• 15 days of annual leave.
• Year-end bonus equal to one month’s salary.
• Premium healthcare coverage for you and your family.
• Thoughtful appreciation gifts throughout the year.

2. Growth & Learning Opportunities

• Work on cutting-edge, large-scale products in the car inspection field.
• Clear career paths for both technical experts and aspiring leaders.
• Continuous learning programs to sharpen your skills and grow your career.
• Learn from everything, everywhere—but be a smart copy-paster, not a copycat!
• Be ready to embrace and implement new ideas in a fast-paced environment.

3. An Inspiring Workplace

• Flexible hybrid work model and a strong focus on work-life balance.
• A modern, fully-equipped Office with a well-stocked pantry.
• Be motivated, creative, and passionate—we can’t ask for more!
• Respect and care for your teammates, your environment, and even yourself.
• Treat yourself well, and while you’re at it, save the Earth too.

4. A Mindset for Growth

• Have the courage to move fast, stay flexible, and take full responsibility for every single line of code.
• Always look back at your work and strive to make it better—nothing is perfect, and that’s where you come in.
• It’s okay to be late sometimes, but make sure you’re fully accountable and aware of your actions.

5. A Dynamic and Open Culture

• We don’t stick rigidly to the gameplan, so feel free to add or remove your own “blah blah” from this list. 😉