Location: Richmond, BC, Hybrid, at least 3 days on-site per week or as operationally needed
Language: Strong English written and spoken communication skills required
Duration: 12 months, ending January 2027
About the Opportunity
We are seeking a Security Engineer to support a DevSecOps team focused on embedding security into every stage of the software development lifecycle. This is an opportunity to contribute to secure product and application design within a complex, service-driven environment.
In this role, you will work closely with developers, architects, product teams, and security specialists to identify risks early, strengthen controls, and support secure delivery practices. Your work will help protect business data, improve application resilience, and build security awareness across technical teams.
What’s In It for You
You will join a collaborative team where security is treated as a shared responsibility, not a final checkpoint. This role offers exposure to modern DevSecOps practices, cloud security, secure development tooling, and meaningful opportunities to guide and coach technical teams.
You will also have the opportunity to support security technology selection, contribute to secure architecture decisions, and help shape practices that make a lasting impact across product delivery.
Your Responsibilities
• You’ll perform threat modelling to identify and mitigate security risks during product, application, and architecture design
• In this role, you’ll conduct secure code reviews, secure design reviews, and black box and white box penetration testing for applications and products
• You’ll perform SCA, SAST, and DAST analysis using industry tools, while embedding tools and security processes into CI/CD pipelines
• You’ll create and maintain Azure security policies to support secure deployment of cloud components, applications, and platforms
• You’ll support vulnerability management and risk management activities throughout planning, design, development, testing, and release
• You’ll define security controls and develop security-focused user stories for application and product teams
• You’ll deliver guidance and training to DevOps developers on secure coding practices, hacking techniques, and secure design principles
Skills and Qualifications
• 6+ years of progressive experience in security engineering or similar roles focused on application, product, or cloud security
• Undergraduate degree in Computer Science, STEM, or a related discipline
• Industry certification related to security engineering, such as CISSP, CEH, or similar
• Strong knowledge of secure design reviews, threat modelling, secure code reviews, penetration testing, and security controls across application infrastructure layers
• Hands-on experience with SCA, SAST, and DAST tools, including validation, tuning, and integration into CI/CD pipelines
• Experience creating or maintaining Azure security policies and supporting secure cloud deployments
• Knowledge of AI technology security design considerations and controls
Why Partner with Altis
If you’ve never worked with a staffing agency before, we make it easy. We work with top employers across Canada who have great jobs to fill, each vetted and verified by our team. When you apply for a job with Altis, we get to know you as a candidate and learn what your strengths are. Then, if you’re a solid match, we handle all the logistics, advocating for you as a candidate for the role, providing access to coaching and connecting you directly with the hiring manager. And rest assured, all our services are free of cost for candidates.