19 Apr
|
Autodesk
|
Toronto
Apply on Kit Job: kitjob.ca/job/2g91tc
Job Requisition ID #
26WD96805
Position Overview We are seeking an experienced DevSecOps Engineer to lead security initiatives across our customer data, applications, and infrastructure at Autodesk. In this role, you will serve as a technical leader and subject matter expert, collaborating strategically with multiple security and engineering teams to architect and implement scalable, enterprise-grade security solutions. You will drive the security-first mindset across our organization by designing creative security controls, mentoring junior team members, and establishing best practices for the broader engineering community. This role requires deep expertise in AWS security, infrastructure automation, and application security, combined with the ability to influence stakeholders at all levels and drive adoption of security-by-design principles.
Responsibilities
Lead shift-left security initiatives by introducing and implementing advanced security testing frameworks within CI/CD pipelines (SAST, DAST, SCA, container scanning, secrets management), while establishing metrics and best practices for the broader organization
Develop scripts and automation to support dependency analysis, reporting, and security workflows
Contribute to documentation, standards, and best practices related to dependency management, open-source usage, and secure software development
Develop high-quality, maintainable code in Python, Golang, or related languages for security tooling, automation frameworks,
and integrations that serve Autodesk security teams and the wider engineering community
Triage and analyze vulnerability findings from SCA tools (e.g., Black Duck, Dependabot), validate impact, and partner with product teams on remediation strategies
Partner with cross-functional security teams—including infrastructure, engineering, operations, incident response, and offensive security—to translate security requirements into scalable technical solutions and comprehensive security programs
Establish security standards and best practices by conducting security architecture reviews, leading design discussions, and providing technical guidance to engineering teams on implementing security controls and threat mitigation strategies
Evaluate, customize, and integrate commercial and open-source security tools to meet Autodesk's specific requirements, improving tooling capabilities through custom extensions and integrations where needed
Mentor and develop junior team members, sharing knowledge about DevSecOps best practices, security architecture, and engineering excellence
Minimum Qualifications
3+ years of experience in security operations, application security, or DevSecOps roles
Basic scripting or automation experience in a language such as Python, Golang, or equivalent
Deep knowledge of application security practices including secure coding, OWASP Top 10, API security, threat modelling, and common vulnerability categories (SAST, DAST, SCA)
Experience automating security or development workflows using Python or similar scripting languages
Familiarity with vulnerability management processes and remediation prioritization
Familiarity with CI/CD pipelines and modern development workflows (e.g., Git-based version control)
Proven ability to design security architectures that address complex threat models and organizational compliance requirements at scale
Excellent communication and leadership skills with the ability to influence and communicate technical security concepts clearly to diverse audiences (executives, developers, security teams, operations)
Strong REST and GraphQL API experience, including security implications of API design, authentication, authorization, and API-centric architectures
Salary Transparency Salary is one part of Autodesk’s competitive compensation package. For Canada-BC based roles, we expect a starting base salary between $88,000 and $128,700. Offers are based on the candidate’s experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
#J-18808-Ljbffr
Apply on Kit Job: kitjob.ca/job/2g91tc
📌 DevSecOps Engineer (Toronto)
🏢 Autodesk
📍 Toronto