×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer IT Support

Jr DevSecOps Engineer

Job in Calgary, Alberta, T3S, Canada
Listing for: Peoples Trust
Full Time position
Listed on 2026-06-20
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, IT Support
Job Description & How to Apply Below

Job Details

Description

We are hiring for this position out of our Toronto, Vancouver and Calgary offices. Successful candidates who apply outside of these areas will be expected to relocate and reside in a location that is within a commutable distance.

About the role:

This is an execution-focused engineering role on the Dev Sec Ops  team. You'll work directly alongside the Senior Dev Sec Ops  Engineer and Team Lead, building real security tooling, maintaining production pipelines, and learning how security engineering works inside a federally regulated financial institution. The expectation isn't that you know everything — it's that you're technically sharp, genuinely curious, and ready to grow fast in a high-trust environment.

About the day-to-day:

Hands-on engineering (~50%)

  • Build and maintain security integrations within CI/CD pipelines: SAST/DAST tooling, secrets scanning, dependency checks, and container image scanning.
  • Write and maintain Terraform modules under senior review: contribute to the IaC library, fix drift, and help enforce module standards.
  • Automate security tasks in Python and Bash: evidence collection scripts, alert enrichment, scheduled scans, and reporting automation.
  • Support the supply-chain security program: SBOM generation, dependency pinning, and build artifact management.
  • Help implement and maintain policy-as-code configurations — learning enforcement patterns at PR-time, pipeline-time, and deploy-time.
  • Maintain and improve runbooks for the team's operational procedures and on-call scenarios.

    • Detection and security operations (~30%)

  • Monitor and triage security alerts from Microsoft Sentinel, AWS Security Hub, and Azure Defender for Cloud under senior guidance.
  • Contribute to incident response investigations: log analysis, timeline reconstruction, and evidence handling.
  • Help tune detection rules and reduce alert noise — learn to write and modify KQL queries in Sentinel.
  • Support audit evidence collection: run API-based artifact pulls, validate completeness, and maintain evidence repositories.
  • Participate in vulnerability management: track scan results, validate remediations, and update the risk register with senior oversight.

    • Learning and growth (~20%)

  • Shadow the Senior Dev Sec Ops  Engineer on architecture decisions, threat modeling sessions, and stakeholder conversations.
  • Work toward a defined certification path as part of your development plan (examples: AZ-500, AWS Security Specialty).
  • Join the on-call rotation progressively: start as a shadow, then , then independent as your readiness grows.
  • Contribute to team documentation and the Security Centre of Excellence knowledge base.
  • Bring questions. This team runs blameless retros and expects engineers at every level to flag what they don't understand.

    • About the qualifications:

  • 1–3 years of experience in a Dev Ops, Dev Sec Ops , software engineering, or security engineering role — or a strong equivalent: relevant degree with a security or cloud focus, security internships, or demonstrable personal/open-source projects that show hands-on depth.
  • Working knowledge of at least one major cloud platform (AWS or Azure). You understand IAM, compute, storage, and networking basics and have built or deployed something real in it.
  • Hands-on Terraform experience: can read and write modules, understand state, and debug basic provider errors. You don't need to be an expert — you need to be functional and willing to grow.
  • Scripting ability in Python or Bash: can write a functional automation script from scratch.
  • Basic CI/CD fluency: understand pipeline stages, artifact handling, environment variables, and why secrets don't belong in code.
  • Foundational security knowledge: OWASP Top 10, common vulnerability classes (injection, broken auth, misconfigurations), and how they show up in real systems.
  • Core networking concepts: TCP/IP, DNS, TLS/HTTPS, VPCs, subnets, security groups, firewalls — enough to read a network diagram and ask the right questions.
  • Someone who communicates clearly in writing, asks good questions, and doesn't wait to be told something is broken.

    • Nice-to-have / differentiators

  • Hub Actions experience: has written or modified a real workflow, not just…
    • Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
    To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)
    0
    200
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search