Share this job
RITM0143416 - Security Engineer
Richmond, BC
Apply for this job

Job Title: Security Engineer

12-month contract | Hybrid in Greater Vancouver Metropolitan Area | 3 days/week on-site | Must hold a valid Canadian Work Visa | Closing Date: Oct 29, 2025


Our client, a major provincial organization, is seeking an experienced Security Engineer to join their DevSecOps team. This role focuses on integrating security throughout the software development lifecycle (SDLC) — from secure design and code review to penetration testing and CI/CD pipeline integration.

The successful candidate will bring a deep understanding of application and cloud security principles, threat modeling, and security testing tools, and will play a key role in ensuring secure software design, deployment, and operations.


Responsibilities:

Secure SDLC & Application Security

  • Perform threat modeling to identify and mitigate security risks during product and application design.
  • Conduct secure design and code reviews, and perform penetration testing (black box and white box) on applications and systems.
  • Execute SCA, SAST, and DAST analyses using industry-standard tools and embed them into CI/CD pipelines.
  • Define and implement security controls across application architecture and infrastructure layers.
  • Develop and maintain Azure security policies to ensure secure cloud deployments.

Security Engineering & Risk Management

  • Design, develop, and sustain security building blocks ensuring confidentiality, integrity, availability, authentication, and non-repudiation.
  • Manage vulnerability and risk management processes throughout the SDLC.
  • Define security user stories and consult with product/application teams on secure design requirements.
  • Perform security validation and tool tuning to ensure accurate, actionable testing results.
  • Coordinate with DevOps teams to integrate secure design practices and support secure delivery pipelines.

Enablement & Governance

  • Deliver training and workshops to development teams on secure coding and threat mitigation techniques.
  • Participate in the selection, proof of concept, and deployment of new security technologies and tools.
  • Ensure all application and infrastructure solutions are compliant with organizational security policies and standards.
  • Support security monitoring during development and act as a subject matter expert in security incident response.
  • Collaborate with other security specialists and mentor technical staff to enhance organizational security maturity.


Qualifications:

Required

  • Undergraduate degree in Computer Science or a related STEM discipline (Science, Technology, Engineering, Math).
  • Minimum 6 years of progressive experience in security engineering roles.
  • Industry certifications such as CISSP, CEH, or equivalent.
  • In-depth knowledge of SCA, SAST, DAST, threat modeling, and penetration testing for web and cloud applications.
  • Strong understanding of security controls across all application and infrastructure layers.
  • Familiarity with DevSecOps practices and integrating security within CI/CD pipelines.

Preferred

  • Experience with Azure security frameworks and cloud-native security tools.
  • Knowledge of AI technologies and associated security design principles.
  • Demonstrated ability to deliver secure development training to technical teams.
  • Strong communication, analytical, and collaboration skills.


Why Apply:

  • Opportunity to work within a DevSecOps environment driving secure software delivery.
  • Exposure to modern security technologies and large-scale enterprise systems.
  • Work in a hybrid role with a strong technical team focused on continuous improvement.


NOTE: Interested candidates who meet the above qualifications are encouraged to apply directly. Due to the volume of applications, only those shortlisted will be contacted. 


Apply for this job
Powered by