Canso Investment Counsel Ltd. is a leading independent investment management firm providing portfolio management services to Canadian institutional clients. Founded in 1997, Canso is dedicated to delivering superior long-term investment results through a disciplined and research-driven approach. Our team of experienced investment professionals is committed to maintaining the highest standards of compliance and ethical conduct in all aspects of our operations. We have a happy, family-friendly, and flexible work environment. We value honesty and integrity, and our clients come first.
Position Summary: We are seeking a dynamic and versatile DevSecOps Engineer to design, implement, and oversee critical security and technology initiatives that ensure our organization’s compliance, resilience, and technology excellence.
Key Responsibilities
Security Integration & Deployment:
- Design, Implement and maintain CI/CD pipelines with proper security controls
- Development compliance protocols with enforcement policies
- Ensuring security is a core component of the development lifecycle
Development & Engineering Management
- Conduct regular security assessments of code through peer reviews
- Foster a culture of security awareness and vulnerability assessments
- Work closely with development team ensuring the software is secure from inception to production.
Cloud & Data Security
- Design and implement security controls for Enterprise Data Warehouses (Snowflake) and ensure robust encryption practices.
- Monitor cloud-native tools (Orca, Defender, Elastic.,) and monitor activity for threats
- Manage Terraform state files with encryption and locking preventing unauthorized access
- Enforce/Govern security measures with Key Management tools running prechecks
Business & Risk Management
- Work with key stakeholders and cyber security vendors to identify gaps in security
- Manage security related aspects around key projects and update stakeholders
- Using business analysis skills to understand business operations to apply security solutions
Education
Qualifications & Experience
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
Experience
- Minimum 7+ years in DevOps, security engineering, or related roles.
- Proven track record of leading security-focused projects, such as MFA rollouts, VPN deployments, or policy implementations.
- Proven experience in a DevOps, cybersecurity, or related role, with a strong background in application security
Technical Expertise
- Deep knowledge of cloud security (AWS, Azure) and enterprise data platforms (Snowflake).
- Proficiency in Python
- Experience with automation tools (Terraform) and container technologies (Docker)
- Strong programming skills for reviewing and addressing code vulnerabilities.
- Networking protocols and architecture
- Solid understanding of network security.
- Vulnerability management and encryption techniques
- Proficiency with SIEM, IDS/IP, firewalls, and endpoint security tools
Preferred Certifications
- CISSP, CISM, CSA. or equivalent security certifications.
- Microsoft certifications related to security and identity (e.g., MS-500).
Key Competencies
- Leadership & Initiative: Drives solutions with minimal supervision, motivates teams, and builds consensus.
- Strategic Thinking: Balances immediate priorities with long-term risk mitigation and strategic objectives.
- Communication Skills: Excels at conveying technical concepts to non-technical audiences.
- Problem-Solving: Analytical thinking being able to quickly identifies issues, assesses risks, and implements sustainable solutions.
- Adaptability: Thrives in fast-paced environments and effectively handles shifting priorities.
Canso Investment Counsel is proud to be an Equal Opportunity and Affirmative Action Employer.
We are committed to providing accommodations for people with disabilities in all aspects of the recruitment and selection process. If you require accommodation or special assistance, please send an email with your request to PC@Cansofunds.com. Your information will be treated as confidential.
We sincerely thank all applicants for their interest, however only those in consideration for the opportunity will be contacted.
