Apply on Kit Job: kitjob.ca/job/2fsqeu

Job DescriptionJob DescriptionSalary: $125,000-$145,000

ABOUT PLANITAR
Founded in 2013,PlanitarInc. is the maker ofiGUIDE, a proprietary camera and software platform for capturing and deliveringaccuratefloorplans, immersive 3D virtualtoursand extensive property data.

iGUIDEis the most efficient system to map interior spaces and featuresaccuratefloor plans, measurements, and reliable property square footage. By integrating floor plans and visual data,iGUIDEprovides an intuitive and practical way to navigate and explore built environments digitally.

Visitwww.goiguide.comfor more information.

ABOUT THE ROLE

We areseekingan experienced and proactiveDevSecOpsEngineer to lead the integration of security into our software development lifecycle and cloud infrastructure. In this role, you will not just be finding vulnerabilities; you will be building the automated systems, guardrails, and processes that prevent them from reaching production.

You will work closely with our Platform and Software Engineering teams to champion a "shift-left" security culture. The ideal candidate is an automation enthusiast with a hackermindset,someone who deeply understands up-to-date cloud infrastructure, CI/CD pipelines, and how to secure them without slowing down developer velocity.

RESPONSIBILITIES

Secure CI/CD Pipelines: Design, build, andmaintainautomated security testing within continuous integration and deployment pipelines (incorporating SAST, DAST, and SCA tools).

Cloud Security Posture: Implement and monitor security controls across our AWS cloud environment, ensuring compliance with industry best practices and frameworks.

Infrastructure as Code (IaC) Security: Enforce "Security as Code" by implementing automated scanning for Terraformtemplates to catch misconfigurations before deployment.

Vulnerability Management: Triage, track,



and partner with engineering teams to remediate security vulnerabilities across infrastructure, containers, and applications.

Threat Modeling & Architecture:Participatein system design reviews and threat modeling sessions toidentifypotential attack vectors in new features and infrastructure.

Incident Response:Assistin cloud and application security incident response, including forensic log analysis and mitigation strategy development.

Advocacy & Training: Evangelize secure coding practices andprovideguidance to developers on how to build highly secure, resilient systems.

SKILLS & QUALIFICATIONS

Experience: 3+ years of hands-on experience inDevSecOps, Cloud Security, or a DevOps role with a heavy security focus.

Cloud Platforms: Strongproficiencyin securing AWS environments (e.g., deep knowledge of IAM, VPCs,GuardDuty, Security Hub, AWS WAF, KMS).

Automation & Scripting: Strong coding/scripting skills in Python, Bashto automate security workflows and integrate APIs.

CI/CD & Security Tooling: Hands-on experience integrating security scanners (e.g.,Snyk, SonarQube,Trivy,Checkmarx) into modern pipelines (e.g., GitHub Actions, GitLab CI).

Infrastructure as Code:Proficiencywriting and reviewingIaC(Terraform) and utilizingIaCsecurity scanners (e.g.,tfsec,Checkov).

Container Security: Solid understanding of Docker and Kubernetes security concepts, including image scanning, RBAC, and network policies.

Networking: Practical knowledge of network security fundamentals, including firewalls, zero-trust architecture, VPNs, and TLS/SSL.

ADDITIONAL ASSETS (NICE TO HAVE)

Relevant certifications such as AWS Certified Security Specialty, CKA/CKS (Certified Kubernetes Security Specialist), or OSCP.

Experience with regulatory compliance frameworks (e.g., SOC2, ISO 27001, HIPAA).

Familiarity with SIEM/SOAR tools and centralized logging strategies.

Apply on Kit Job: kitjob.ca/job/2fsqeu

📌 DevsecOps Engineer (Waterloo)
🏢 Planitar
📍 Waterloo