Cloud DevSecOps Tester – Banking
Are you passionate about cloud security, AI, and automation? Apply Now!
Working with one of our top financial clients, this role calls for a Cloud DevSecOps Tester – Banking. This position offers an exciting opportunity to leverage your expertise in cloud security, compliance automation, and AI-driven testing to support critical banking operations across multiple cloud platforms. You will play a key role in developing and executing advanced testing frameworks that ensure regulatory compliance and security integrity.
Pay rate range (CAD): $66.51/hr – $79.81/hr
Responsibilities
- Design, develop, and maintain AI-driven automated test frameworks for compliance-as-code policies across GCP, AWS, and Azure environments.
- Implement AI-powered test environments utilizing Azure Foundry, Azure ML, Azure AI Search, and other Azure services to simulate realistic cloud configurations.
- Develop intelligent validation routines to predict and identify policy compliance issues, recommending remediation steps.
- Create comprehensive test cases, including positive, negative, and edge scenarios, to thoroughly validate policy enforcement logic.
- Maintain a library of test suites, ensuring traceability between validation cases and compliance requirements.
- Collaborate with policy developers, security architects, and Cloud Service Owners to understand intended behavior and failure modes.
- Integrate compliance validation tools into CI/CD pipelines using GitHub Actions, GitHub Workflows, Python scripting, and automation tools like GitHub Copilot and M365 Copilot.
- Automate security scanning and validation of Terraform deployments, embedding compliance checks within DevSecOps workflows.
- Work with security, DevSecOps, and governance teams to define and enforce cloud security controls aligned with industry standards (NIST, ISO 27001, SOC 2).
- Implement logging and monitoring solutions for real-time detection of compliance violations.
- Automate the generation of compliance reports and dashboards using tools such as SonarQube, Wiz.IO, Splunk, Dynatrace, and AppOmni.
- Ensure all activities meet client standards and STIG requirements, maintaining traceability and readiness for audits.
Desired Skill-Set
- 5+ years in Cloud Security, DevSecOps, AI, or Cloud Engineering roles.
- Strong knowledge of GCP, Azure, and AWS cloud platforms.
- Experience with Jira and Confluence.
- Proficiency in Python programming.
- Hands-on experience with CI/CD pipelines.
- Proficiency with Terraform infrastructure as code.
- Ability to work independently and collaboratively.
- Excellent written and verbal communication skills.
- Strong interpersonal skills and attention to detail.
- Self-motivated, organized, and adaptable.
Nice to Have
- Cloud or DevSecOps engineering certifications.
- Experience with container security and Kubernetes policy enforcement.
- Hands-on experience with HashiCorp Sentinel, Azure Policy, Wiz Policy, GCP Org Policy, and Open Policy Agent.
- Knowledge of cloud infrastructure as code tools such as Helm, ARM, JSON, YAML, and REGO.
- Prior experience within banking or financial institutions.
BeachHead is an equal opportunity agency and employer. We advocate for our candidates and welcome applicants regardless of race, color, religion, national origin, sex, age, or physical or mental disability. BeachHead or our clients may use technology-enabled tools, including automation and artificial intelligence (AI), to support parts of the recruitment process such as resume screening, application management, and candidate matching. These tools assist our recruiters and our clients, and do not replace human decision-making. This job posting represents a current or anticipated vacancy. The position may be filled at any time, and the posting may be removed without notice once the role has been filled.