Security Engineer
Apply NowCompany: Compunnel Software Group
Location: Montreal, QC H1A 0A1
Description:
Job Summary
We are seeking an experienced Security Engineer to help design and build the firm's next-generation Policy Based Access Control (PBAC) solution. This role is positioned within the Cybersecurity organization on the Identity & Access Management (IAM) team. The successful candidate will partner with internal infrastructure, cloud, and SaaS platform teams to drive integration with the enterprise-wide PBAC architecture, leveraging modern policy-as-code and GitOps methodologies.
Key Responsibilities
Required Qualifications
Preferred Qualifications (Nice to Have)
Certifications (if any)
Education: Bachelors Degree
Certification: Certified Information Systems Security Professional , Certified Information Security Manager
We are seeking an experienced Security Engineer to help design and build the firm's next-generation Policy Based Access Control (PBAC) solution. This role is positioned within the Cybersecurity organization on the Identity & Access Management (IAM) team. The successful candidate will partner with internal infrastructure, cloud, and SaaS platform teams to drive integration with the enterprise-wide PBAC architecture, leveraging modern policy-as-code and GitOps methodologies.
Key Responsibilities
- Collaborate with internal engineering teams to design and implement a PBAC framework across diverse infrastructure platforms and services.
- Develop, test, and deploy PBAC integrations for both in-house developed and vendor-supplied applications.
- Implement secure policy-as-code using GitOps-based workflows.
- Create and maintain detailed technical design documentation, including architectural diagrams and data flows.
- Present and articulate design decisions to technical and non-technical stakeholders via governance forums.
Required Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 5+ years of experience with Python development in production environments.
- Hands-on experience with CI/CD pipelines, containerization tools (Docker, Podman), and deploying to Kubernetes platforms (OpenShift or Azure Kubernetes Service).
- Familiarity with policy-as-code frameworks (e.g., Rego, Prolog).
- Knowledge of secure authentication protocols such as OIDC, SAML, and mTLS.
- Experience with shell scripting and SQL, including schema design with PostgreSQL or MongoDB.
- Understanding of major IAM platforms and cloud service providers (Azure, AWS, GCP).
Preferred Qualifications (Nice to Have)
- Professional certifications such as CISSP, CISM, or equivalent.
- Cloud security certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, AWS Certified Security - Specialty).
- Experience implementing PBAC frameworks or application-level authorization solutions.
- Familiarity with SailPoint IdentityNow or IdentityIQ IGA platforms.
- Strong troubleshooting capabilities across systems (SQL, Linux utilities, PowerShell, etc.).
- Excellent technical writing and documentation skills.
Certifications (if any)
- CISSP, CISM, or equivalent security certification (preferred)
- Microsoft or AWS cloud security certifications (preferred)
Education: Bachelors Degree
Certification: Certified Information Systems Security Professional , Certified Information Security Manager