Cloud Security and DevOps Engineer

Cloud Security and DevOps Engineer (GCP + AI-Driven)

Location

Availability

Timings

About our client:

Our client is redefining hormone health by blending clinical expertise, data-driven innovation, and a fully integrated digital platform. They empower patients and practitioners with cutting-edge telehealth, e-commerce, and AI capabilities to deliver exceptional outcomes across both direct-to-consumer (D2C) and business-to-business-to-consumer (B2B2C) channels.

They are scaling quickly — and security, automation, and intelligence are at the heart of that journey. They are looking for a DevSecOps Engineer who not only thrives in cloud security and DevOps, but also uses AI tools to amplify their effectiveness 

The Opportunity

This is not a traditional DevSecOps role. You’ll be our hands-on guardian of infrastructure and security, embedding security into every stage of our SDLC — while also using AI to supercharge automation, monitoring, and vulnerability management. 

You’ll design and enforce secure, scalable infrastructure on GCP, remediate vulnerabilities from penetration tests, and continuously innovate with AI-assisted workflows (for code reviews, infra scanning, log analysis, and more). 

What You’ll Do

DevSecOps & Automation

● Build and maintain CI/CD pipelines with automated security checks. 

● Implement Terraform-based IaC across GCP environments. 

● Use AI-powered tools to accelerate code analysis, infra monitoring, and dependency scanning. 

Cloud Security (GCP)

● Design and manage secure environments on Google Cloud Platform (Cloud Run, GKE, Firebase, BigQuery, Apigee). 

● Configure IAM, VPCs, and network policies to enforce least privilege and data residency in Canada. 

● Automate monitoring and anomaly detection using GCP native tools + AI/ML anomaly detection. 

Application Security

● Remediate vulnerabilities (XSS, CSP, input sanitization, outdated dependencies) identified in pentests. 

● Implement AI-driven SAST/DAST for real-time code and dependency scanning. 

● Create developer-friendly secure coding guardrails, with automated feedback loops. 

AI-Enhanced Security & Operations

● Experiment with LLM-based agents for log triage, incident response playbooks, and compliance audits. 

● Use AI to prioritize vulnerabilities by business impact and exploit likelihood. 

● Stay ahead of evolving AI-driven threats and incorporate defensive strategies. 

Collaboration & Culture

● Educate developers on security best practices, supported by AI-based training aids. 

● Write and maintain documentation with AI-assisted knowledge management. 

● Serve as a trusted partner across engineering, product, and compliance teams. 

What You Bring

● 10+ years in DevOps, Cloud, or Security Engineering, with strong exposure to GCP. 

● Hands-on expertise in Terraform, Kubernetes/GKE, Docker, CI/CD pipelines. 

● Familiarity with AI/ML tools for security and DevOps (e.g., GitHub Copilot, Snyk AI, Wiz, Palo Alto Prisma, custom LLMs). 

● Strong grounding in OWASP Top 10 and secure coding practices. 

● Track record of remediating vulnerabilities and automating security workflows. 

● Curiosity and creativity in applying AI to make security smarter, faster, and more scalable. 

Nice to Have

● GCP Cloud Security Engineer or Architect certification. 

● Experience with GraphQL security and API hardening. 

● Knowledge of healthcare compliance frameworks (PIPEDA, HIPAA, SOC2, ISO27001). 

● Contributions to DevSecOps or AI/security open-source projects. 

Why Join Our Client?

● Be the foundational DevSecOps hire in a high-growth Canadian healthtech startup. 

● Drive the intersection of AI, cloud security, and DevOps — not just keeping up, but setting the pace. 

● Shape the company’s security and automation culture from the ground up. 

● Competitive salary, equity, and benefits. 

● Mission-driven team dedicated to helping people live healthier, longer lives