Career Opportunities Contact Us Français Italiano
Home Services Solutions Profile
In order to meet the growing needs of our customers, we are constantly searching for dynamic, qualified individuals to join the CTC resource team. Currently, there are several career opportunities available at CTC. If you feel you satisfy the qualifications for one of the positions listed on this page, please send your CV to resources@ctcinc.ca identifying the position(s) you are interested in. Qualified individuals will be contacted by our human resources department.
CTC006652 : Security Specialist Senior
Location : Montreal, Quebec
Field : Security
Position Type : Contract
Starting : April 1, 2022
Ending : September 30, 2022
Resources Required : 1
Position Description

IMPORTANT

  • Knowledge and Experience with Authentication and Authorization framework, protocols, and artifacts: OpenID Connect, JWT token, OAuth2, SAML, etc.
  • PKI (Public Key Infrastructure) & TLS knowledge (HTTPS, Encryption, Digital Signatures, Secrets, …), Experience with HashiCorp is asset.
  • Experience with Identity and Access Management solutions like SSO(Single-Sign-On), experience with KeyCloak/ Redhat SSO deployment, configuration, and operation
  • Production experience with OpenStack and cloud providers (e.g., Azure, AWS), OpenShift, and Kubernetes including sidecar functionality (Service mesh, Istio, consul, etc.)
  • Hands-on experience working in the field of DevSecOps and programming and source code management using Git, MR & PR workflows, code reviews. Comfortable building and maintaining CI/CD testing and deployment pipelines
  • Linux sysadmin experiences
  • Experience with Network security (Firewalls, IDS/IPS, WAF, Antivirus, …)
  • Bilingual asset
  • Work location Montreal or Mississauga. (Montreal-based Candidate is preferred.)

Key responsibilities

  • Develop technical architectures and frameworks for new features or apps, to meet the business and application requirements.
  • Analyze and evaluate alternative technology solutions to meet business problems.
  • Deploy and maintain security solutions hosted both on-prem in Openstack or OpenShift, or in-cloud
  • Ensure the integration of all aspects of technology solutions.
  • Provide technical support in case of incidents or reported problems for the deployed solutions
  • Review proactively current deployed security architectures and measures, and recommending and implementing enhancements,
  • Conduct regular system tests and ensuring continuous monitoring of network security
  • Build/Automate and maintain utility or automation scripts with Ansible or similar tools, where appropriate

Required qualifications:

  • Excellent written and verbal communication skills
  • +10 years of experience working in IT infrastructure, system administration of Linux environment, and software development.
  • Thorough understanding of the latest security principles, techniques, and protocols
  • Experience with network security and networking technologies; and with system, security, and network monitoring tools.
  • Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
  • Knowledge and understanding of Authentication and Authorization framework, protocols, and artifacts: OpenID Connect, JWT token, OAuth2, SAML, etc. PKI & TLS knowledge (HTTPS, Encryption, Signatures, etc.)
  • Experience with Identity and Access Management solutions like SSO (plus Production experience with KeyCloak/Redhat SSO deployment, configuration, and operation).
  • Knowledge and experience in security systems, including firewalls, WAF, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems, Anti-Virus
  • Production experience with Openstack, OpenShift, and Kubernetes, including sidecar functionality (Service mesh, Istio, consul, etc.)
  • Familiar with networking and network troubleshooting in a complex multi-cloud environment.
  • Hands-on experience working in the field of DevOps and programming plus (Secure) source code management using Git, MR & PR workflows, code reviews. Comfortable building and maintaining CI/CD testing and deployment pipelines
  • Experience building automation using orchestration tools such as Ansible, and Infrastructure-as-code tools, such as Terraform.
  • Programming and automation language knowledge and experience with Python and bash; Node.js and Java as asset
  • Good knowledge and experience in information security and/or IT risk assessment and Threat modeling
  • Good knowledge and experience on RESTful services and APIs.
  • Ability to interact with teams and individuals with a wide range of security understanding to explain and ensure alignment on security measures.
  • Knowledge on HashiCorp Vault is asset.
  • FortiNet and F5 knowledge as asset.
  • Certifications: Linux, Azure , Kubernetes, CISSP, SSCP, CEH, Security+, CISA is assets.
  • Knowledge of Internet of Things (IoT) framework and main protocols knowledge such as MQTT and CoAP and Messaging Bus( AMQP, Kafka) is assets.
  • Knowledge of Wireless and Mobile networks, especially 5G, LTE-M, LoRA, NB-IoT as asset.
  • Bilingual French and English an asset