Career Opportunities Contact Us Français Italiano
Home Services Solutions Profile
In order to meet the growing needs of our customers, we are constantly searching for dynamic, qualified individuals to join the CTC resource team. Currently, there are several career opportunities available at CTC. If you feel you satisfy the qualifications for one of the positions listed on this page, please send your CV to resources@ctcinc.ca identifying the position(s) you are interested in. Qualified individuals will be contacted by our human resources department.
CTC004882 : DevSecOps Developper
Location : Montreal, Quebec
Field : Dev
Position Type : Contract
Starting : September 16, 2019
Ending : December 20, 2019
Resources Required : 1
Position Description

• Automation of application certificates full lifecycles: creation, revocation, renew (à la Let’s Encrypt)

• Manage applications secrets, using vaults (ex: Hashicorp Vault)

• Optimize identity management solutions

• Complete management of firewall ports using Infrastructure as code

• Integration of security scanning solutions in pipelines

• Reinforcement of CI-CD pipelines security (example: Docker images signatures)

Here’s the technical environment in which you would evolve at first:

• Collaboration (JIRA/Confluence)

• Source Code Management (Git-Bitbucket)

• Continuous Integration servers (Jenkins 2 with pipeline as code concept)

• Artefacts Management (Nexus, Artifactory)

• Quality Management Dashboards (SonarQube)

• Provisioning (Ansible, Terraform)

• More provisioning and orchestration tools (Docker/k8s)

• Deployed on multi cloud environments (private with OpenShift, publics with AWS, GCP-GKE)

• Applications Monitoring (AppDynamics, Datadog, etc.) to measure that all those wonderful applications deliver the expected business value to its customers

As a DevSecOps integrator, you are a generalist in all things DevOps, but you have a specialization in security.

Your Primary Responsibilities

• Develop security solutions using your developer skills and your security knowledge

• All the development you do uses everything as code paradigm and your code commits trigger full CI-CD pipeline up to production systems

• All the development you do is tested using test automation, developed at the right level, based on needs and context

• Everything that you put in production is monitored so that automatic fixes can take place in case of problems (using blue-green and-or canary deployments patterns)

• Everything that you put in production follows the High Availability (HA) best practices

• You work collaboratively with the bank’s security teams to ensure that developed solution can eventually be operated by them

What you should have to apply

• University degree in related fields with 3-5 years of experience or equivalent experience

• Bilingual (spoken/written) French and English ideal, but not mandatory

• You know what the Periodic table of DevOps tools is (and if not, when you'll see it, you'll get it!) and you master at least one tool per category on the table

• You have an above average security awareness mindset