As a developer in this team, you will build the tooling required to implement DevSecOps the best way possible for Coveo. On top of it, you will build and maintain multiple internal services that work together to support day to day security operations, like access management, continuous compliance or security testing. You will be collaborating with our entire R&D department to help them ship innovations faster and safer, by absorbing the complexity and making their life easier. All that, in the cloud, using the best providers out there. Do you have an idea that saves time for everyone else? Do it!
Here is a glimpse at your responsibilities:- Own the security tools Coveo uses in both the continuous integration and continuous deployments pipeline
- Develop and support access management workflows to control and monitor access to infrastructure and applications.
- Push the envelope, find clever solutions to make Coveo reach its key objectives
- Participate in vulnerability management processes by triaging findings, managing exceptions, and helping ensure timely remediation
- Support compliance automation using tools to enforce standards across cloud infrastructure.
- Design, deploy, and maintain web application firewalls to protect Coveo from potential vulnerabilities.
- You are well versed in producing reusable code in Python, building robust and scalable systems.
- You have in-depth knowledge of best security practices in the context of software development.
- You have hands on previous Cloud service provider experience (ideally AWS), configuring and exploiting a variety of services, including Compute, Storage, Networking and Kubernetes
- You possess in-depth knowledge of DevOps tools and workflows, enabling seamless integration of security practices throughout the software development lifecycle.
- You have a track record of automating processes to reduce complexity for other developers.
- Bonus if you are proficient with Terraform for infrastructure-as-code, especially for security-related resources like IAM roles, secrets, etc.
- You have previous experience in managing one or more of the following: Anomalies and Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Security information and event management (SIEM).
You don’t need to check every single box; passion goes a long way and we appreciate that skillsets are transferable.
Send us your application, we want to get to know you!
Join the Coveolife!
We encourage all qualified candidates to apply regardless of, for example, age, gender, disability, gaps in CV, national or ethnic background. We know that applying for a new role is a lot of work and we really appreciate your time.
The job title is subject to change based on internal practices or the organization’s structure.
#li-hybrid
Top Skills
Similar Jobs
What you need to know about the Montreal Tech Scene
Key Facts About Montreal Tech
- Number of Tech Workers: 255,000+ (2024, Tourisme Montréal)
- Major Tech Employers: SAP, Google, Microsoft, Cisco
- Key Industries: Artificial intelligence, machine learning, cybersecurity, cloud computing, web development
- Funding Landscape: $1.47 billion in venture capital funding in 2024 (BetaKit)
- Notable Investors: CIBC Innovation Banking, BDC Capital, Investissement Québec, Fonds de solidarité FTQ
- Research Centers and Universities: McGill University, Université de Montréal, Concordia University, Mila Quebec, ÉTS Montréal
