DevSecOps Engineer

Title: DevSecOps Engineer

Location: 100% Remote (Vancouver preferred)

Duration: 1 year (with the possibility of extension)

Travel: Business travel (North America) 5% - 15% (circumstance-dependent)

High-Level Description

We are seeking a skilled and proactive DevOps/Security Engineer to join our team at ACRE. This role is critical for ensuring the reliability, security, and efficiency of our systems. The ideal candidate will have a strong background in DevSecOps practices, AWS cloud infrastructure, and security protocols, with a passion for optimizing processes and safeguarding systems.

Specific Accountabilities

• Monitor system performance and reliability, ensuring high availability and responsiveness of the ACRE platform.
• Implement and manage cloud infrastructure on AWS.
• Collaborate with software engineers and product teams to integrate security best practices throughout the development lifecycle.
• Incorporate and maintain security assessments and vulnerability scans into the delivery cycle.
• Oversee penetration and ethical hacking testing.
• Develop and maintain documentation for infrastructure configurations, deployment processes, and security protocols.
• Stay current with industry trends and emerging security threats, applying new techniques and technologies to enhance the security posture of the organization.
• Provide support for incident response and disaster recovery planning, ensuring business continuity in the event of a security breach or system failure.

Scope

• Critical role as a member of the ACRE team, integrating security best practices throughout the development lifecycle and improving deployment efficiency.
• Supports the short-, medium-, and long-term goals of the company, up to and potentially including an external sale process.
• As part of a start-up environment, this role requires building strong relationships and collaborating closely with the Technical, Marketing, and Sales teams.

Contacts

• Internal: Communication with corporate functions (including Insurance and TIS).
• External: Communication with external customers or service providers (including Brokers, Advisors, Developers, and others).

Knowledge and Skills

Required

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• 7+ years of experience in DevOps, cloud engineering, or security engineering (preferably in a startup or fast-paced environment).
• Proven ability to manage and secure AWS environments across multiple accounts using AWS Organizations, IAM, centralized logging, and cost/resource governance.
• Strong proficiency with common AWS services (ECS, S3, Lambda, Route53, RDS, DynamoDB, etc.).
• Experience with infrastructure as code (IaC) tools such as Terraform for managing cloud resources.
• Familiarity with GitHub Actions CI.
• Hands-on experience implementing security controls such as SCA/SAST/DAST scanning, secrets management, and compliance monitoring aligned with SOC 2, ISO 27001, or similar standards.
• Proficiency in Terraform for provisioning and managing secure, scalable cloud infrastructure in a repeatable and auditable manner.
• Experience integrating AWS services (CloudTrail, GuardDuty, CloudWatch) with enterprise SIEM platforms (Splunk, Sentinel, QRadar) for centralized log ingestion and correlation.
• Ability to design and implement real-time monitoring and alerting solutions using CloudWatch, EventBridge, and third-party observability platforms, defining actionable alerts and escalation workflows.
• Solid understanding of security best practices, including network security, application security, and data protection.
• Excellent problem-solving skills and the ability to work independently and collaboratively in a team environment.

Preferred

• Knowledge of compliance frameworks and regulations relevant to the insurance or legal industries (e.g., GDPR, HIPAA).
• Familiarity with monitoring and logging tools (e.g., Prometheus, Grafana, ELK Stack) to ensure system health and security.
• Relevant certifications (e.g., AWS Certified DevOps Engineer, CISSP) are a plus.