Senior Security Engineer – DevSecOps, Vulnerability Management, Cryptography
E-SolutionsResume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Sign up free to auto-tailor your resume with all these keywords and get a higher ATS score
Job Description
Senior Security Engineer – DevSecOps, Vulnerability Management, Cryptography
Role: Senior Security Engineer – DevSecOps, Vulnerability Management, Cryptography
Location Toronto, Canada ON - M5S 1K9 (Hybrid)
Role Summary
We are seeking a Senior Security Engineer to support enterprise security initiatives with a focus on vulnerability management, cryptography, secrets and certificate management, and DevSecOps enablement. The resource will work closely with application, cloud, and platform teams to embed security controls across the SDLC and production environments.
This role is suitable for candidates with strong hands‑on delivery experience in large enterprise or regulated environments.
Key Responsibilities
Vulnerability Management
- Operate and support enterprise vulnerability scanning across applications, infrastructure, cloud, and containers.
- Analyze and triage vulnerability findings; work with engineering teams to drive timely remediation.
- Track vulnerabilities through remediation and closure.
- Support security assessments and penetration testing engagements.
Cryptography & Encryption
- Implement and support encryption standards for data at rest and in transit.
- Manage cryptographic controls, key usage, and lifecycle practices.
- Ensure cryptographic implementations align with organizational security standards.
Secrets & Certificate Management
- Implement and manage secrets management for applications, services, and CI/CD pipelines.
- Manage certificate lifecycle including issuance, renewal, rotation, and expiration.
- Eliminate hardcoded secrets and improve secure configuration practices.
DevSecOps
- Integrate security controls into CI/CD pipelines (DevSecOps).
- Support implementation of security tooling such as:
- SAST / DAST
- Dependency and container scanning
- Infrastructure‑as‑Code (IaC) scanning
- Partner with development teams to embed security early in the SDLC.
Mandatory Skill Set
- 5–8 years of hands‑on experience in Security Engineering.
- Strong experience with vulnerability scanning and vulnerability management.
- Solid understanding of cryptography, encryption, and key management concepts.
- Hands‑on experience with certificate management.
- Proven experience implementing DevSecOps practices in CI/CD pipelines.
- Strong understanding of application and cloud security fundamentals.
Preferred / Nice‑to‑Have Skills
- Cloud platform experience: Azure, AWS, or GCP.
- Experience with containers, Kubernetes, and IaC.
- Scripting experience (Python, PowerShell, Bash).
- Experience in banking, financial services, or other regulated industries.
- Relevant security certifications (nice to have):
- CISSP, CCSP, CSSLP
- Cloud security or DevSecOps certifications
Want AI-powered job matching?
Upload your resume and get every job scored, your resume tailored, and hiring manager emails found - automatically.
Get Started Free