Location: Remote

Duration: 48 weeks

Security Clearance: SECRET

Responsibilities

Harden security in the design, development, scaling, and sustainment of cloud-based, internet-facing applications. Support the continued development, enhancement, sustainment, and operation of a continuous Authority to Operate (cATO) platform. Provide hands-on security engineering support for cloud-based software applications. Assist in the design, implementation, and hardening of CI/CD pipelines hosted in Azure DevOps. Integrate security tooling into automated workflows. Provide security advice and recommendations on application security and cloud security. Provide security advice and recommendations on infrastructure-as-code and containerized environments. Assist development teams in identifying, assessing, and mitigating security risks throughout the software development lifecycle. Support security-related troubleshooting and incident response activities. Participate in agile ceremonies, including sprint planning, stand-ups, and technical reviews. Provide security-related technical guidance and recommendations to internal personnel.

Qualifications

5+ years of experience planning, designing, building, implementing, sustaining, and enhancing a software platform that automates or enables continuous security authorization or continuous compliance for cloud-based applications using agile methodologies. Direct technical involvement with a platform that centralizes automated security control evidence into a compliance assessment workflow and supports ongoing authorization, monitoring, or reauthorization activities for multiple applications and environments. Experience integrating an authorization or compliance platform with multiple public cloud environments. 6+ months of experience supporting or enhancing an authorization or compliance platform in a production environment. Hands-on experience that is not limited to policy development, documentation, or one-time security assessments. Experience in cloud-based and DevSecOps-enabled software environments, including continuous authorization models, CI/CD security controls, and modern application security practices within regulated environments.

AI Disclosure: We do not use artificial intelligence (AI) tools to screen, assess, or select applicants at any stage of our recruitment process. All applications are reviewed by our recruitment team.

OXARO is committed to fostering an inclusive, equitable and respectful workplace where every individual feels valued and empowered to contribute their best. We believe that diversity drives innovation and strengthens our ability to serve our clients and communities. We are dedicated to ensuring a fair and unbiased recruitment process and welcome applications from members of the four designated groups under the Employment Equity Act: women, Indigenous peoples, persons with disabilities and members of visible minorities.

Accommodations are available upon request for candidates taking part in all aspects of the recruitment process.

We sincerely thank all applicants for their interest in this opportunity. While we appreciate every application, only those selected for an interview will be contacted.