IT - Security Specialist IV
About the role
Our client is a top financial institution with significant North American holdings. They have operations across most major verticals, including institutional & corporate, wealth management, private clients, commercial banking, treasury, and retail banking.
Introduction: Robertson is seeking a skilled IT - Security Specialist IV to join our client in support of an existing vacancy.
Contract Period: 3 months with Potential to extend or convert Pay Rate: Starting from $78 per hour Location: Toronto, ON Location Type: Hybrid Business Hours: Monday-Friday; Core business hours
Job Responsibilities: Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates Automate security scanning and validation of terraform deployments with Python Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions Cloud Security and Regulatory Compliance enforcement Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2) Implement/test logging and monitoring solutions to detect compliance violations in real time Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni Ensure that all Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits Experience & Qualification Requirements: 8+ years of Cloud Security, DevSecOps, AI or Cloud Engineering experience 3+ years of Technical Lead experience Strong Knowledge of GCP, Azure, AWS Jira and Confluence Proficient within Python CI/CD pipelines Proficient within Terraform Strong communication skills (written and verbal) Strong interpersonal skills are required Self-motivated, well organized, able to work both independently and in a team environment Attention to detail and someone who is a self-starter and adaptable Cloud or DevSec Ops engineering certifications Experience with Container security and Kubernetes policy enforcement Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes Cloud infrastructure as a code - Experience with Helm, ARM, JSON, YAML, REGO Banking or financial institution experience How to Apply: If you are a motivated professional looking to contribute to a leading team, please submit your resume outlining your qualifications and experience relevant to this role. Robertson & the clients we represent, value diversity and are committed to creating an inclusive workplace. We invite all qualified individuals to apply.
Background screening is required as part of the onboarding process. The type of screening required (criminal, credit, or other verifications) will vary based on the position and client requirements.
We use AI technology as part of our application review process to assist with screening and assessment. All applications are also reviewed by our recruitment team.
Robertson & the clients we represent are equal opportunity employers, committed to diversity and inclusion. Robertson is a certified diverse supplier and actively seeks to foster a representative and inclusive workforce. We welcome applications from all qualified individuals, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, Aboriginal status, or any other legally protected factors. We champion building a diverse and inclusive environment.
Similar Jobs
IT - Security Specialist IV
About the role
Our client is a top financial institution with significant North American holdings. They have operations across most major verticals, including institutional & corporate, wealth management, private clients, commercial banking, treasury, and retail banking.
Introduction: Robertson is seeking a skilled IT - Security Specialist IV to join our client in support of an existing vacancy.
Contract Period: 3 months with Potential to extend or convert Pay Rate: Starting from $78 per hour Location: Toronto, ON Location Type: Hybrid Business Hours: Monday-Friday; Core business hours
Job Responsibilities: Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates Automate security scanning and validation of terraform deployments with Python Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions Cloud Security and Regulatory Compliance enforcement Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2) Implement/test logging and monitoring solutions to detect compliance violations in real time Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni Ensure that all Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits Experience & Qualification Requirements: 8+ years of Cloud Security, DevSecOps, AI or Cloud Engineering experience 3+ years of Technical Lead experience Strong Knowledge of GCP, Azure, AWS Jira and Confluence Proficient within Python CI/CD pipelines Proficient within Terraform Strong communication skills (written and verbal) Strong interpersonal skills are required Self-motivated, well organized, able to work both independently and in a team environment Attention to detail and someone who is a self-starter and adaptable Cloud or DevSec Ops engineering certifications Experience with Container security and Kubernetes policy enforcement Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes Cloud infrastructure as a code - Experience with Helm, ARM, JSON, YAML, REGO Banking or financial institution experience How to Apply: If you are a motivated professional looking to contribute to a leading team, please submit your resume outlining your qualifications and experience relevant to this role. Robertson & the clients we represent, value diversity and are committed to creating an inclusive workplace. We invite all qualified individuals to apply.
Background screening is required as part of the onboarding process. The type of screening required (criminal, credit, or other verifications) will vary based on the position and client requirements.
We use AI technology as part of our application review process to assist with screening and assessment. All applications are also reviewed by our recruitment team.
Robertson & the clients we represent are equal opportunity employers, committed to diversity and inclusion. Robertson is a certified diverse supplier and actively seeks to foster a representative and inclusive workforce. We welcome applications from all qualified individuals, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, Aboriginal status, or any other legally protected factors. We champion building a diverse and inclusive environment.