Application and Cloud Security Specialist
-
Pay Rate: $82.80/hour, depending on experience
-
Contract Length: 1 Year
-
Location: Vancouver, British Columbia
Raise is currently hiring an Application and Cloud Security Specialist on behalf of our client. They’re expanding their team to meet growing needs, making this a unique opportunity to work with an industry leader. Our Client, is one of the largest electrical energy suppliers in Canada
Note: The primary pay rate is based on T4 classification; however, we will also consider applications from candidates interested in an INC classification, where applicable.
Description
The Application and Cloud Security Specialist to join our clients Cybersecurity team. In this role, you will be responsible for securing cloud-hosted applications by guiding architecture, identity, DevSecOps, Web Application Firewall (WAF), container, and multi-cloud security controls from initial design through to production deployment.
You will play a pivotal role in ensuring cloud migration waves and future multi-cloud expansions remain resilient, compliant, and secure.
Responsibilities
- Review and validate application security designs for cloud-hosted workloads, including target state architectures, landing zone alignment, identity patterns, and Azure Secure Score compliance across all migration waves.
-
Support the design, tuning, and rollout of Web Application Firewall policies for internal and external-facing applications, including managed rule sets, custom rules, exclusion baselining, and the transition from detection to prevention mode for pilot applications.
-
Embed security controls into the DevOps & DevSecOps foundation in GitHub, including GitHub Advanced Security, push protection, secret scanning, vulnerability gates, and Defender for DevOps integration.
-
Validate identity and access patterns for cloud applications, including Entra ID integration, Entra External ID for partner and customer authentication, conditional access, MFA, and Key Vault–based secret consumption.
-
Review container security for AKS, ACR, and ACI workloads, such as image scanning, runtime protection, secrets handling, and Defender for Containers configuration.
-
Collaborate with application teams, the Cloud Centre of Excellence, Enterprise Architecture, and cybersecurity stakeholders to clear security gates in migration runbooks and support production cutovers.
-
Contribute to the AWS expansion security baseline, including workload identity, cross-account access patterns, secrets and key management, and logging integration with Sentinel.
Qualifications
-
(7) years of working experience in Information Technology with at least five (5) years in cyber security or equivalent.
-
Proven experience securing application migrations to Azure in enterprise environments, including PaaS workloads (App Service, Functions, Logic Apps) and containerized workloads (AKS, ACR, ACI).
-
Strong grasp of application security principles, such as secure SDLC, OWASP Top 10, secure code review, threat modeling, and vulnerability management.
-
Hands-on experience with Azure WAF, including policy authoring, false-positive tuning, TLS termination, and Sentinel log integration.
-
Experience integrating security into CI/CD pipelines using GitHub Advanced Security, SAST, DAST, secret scanning, dependency scanning, and OIDC-based Azure authentication.
-
Working knowledge of code remediation patterns for legacy applications, including runtime upgrades (.NET, Java, Node.js), externalizing configuration, and migrating from LDAP to Entra ID authentication.
-
Familiarity with Azure Key Vault, Managed Identities, Entra ID, Entra External ID (B2B/B2C), and conditional access design for internal and external users.
-
Solid understanding of cloud network security - NSGs, private endpoints, App Gateway, Azure Firewall, and micro-segmentation patterns.
-
Familiarity with Microsoft Defender for Cloud, Defender for Containers, Defender for DevOps, and Sentinel for application-layer telemetry.
-
Multi-cloud awareness, including AWS IAM, KMS, and CSPM concepts, is an asset given the planned multi-cloud expansion.
-
Demonstrated expertise in Infrastructure-as-Code (IaC) principles, tools, and frameworks, including platforms such as Terraform and HashiCorp Cloud Platform.
-
Familiarity with CI/CD tools and workflows, including platforms such as Azure DevOps and GitHub, with a solid understanding of automation and deployment processes.
-
Strong collaboration skills to work across application owners, infrastructure operations, GRC, and third-party delivery partners.
Education and Certifications
-
A Bachelor’s degree or Diploma in Computer Science, Cybersecurity, Information Technology, or a related technical discipline (or equivalent practical experience).
-
Possession of one or more of the following professional certifications will be viewed favorably and will result in increased consideration during candidate evaluation:
-
Azure Security: Microsoft Certified: Azure Security Engineer Associate (AZ-500) or Cybersecurity Architect Expert (SC-100)
-
Azure Architecture/Development: Microsoft Certified: Azure Developer Associate (AZ-204) or Azure Solutions Architect Expert (AZ-305)
-
DevOps & AppSec: GitHub Advanced Security Certified, GitHub Actions Certified, or Certified Secure Software Lifecycle Professional (CSSLP)
-
Core Security: Industry-standard designations such as CISSP or CCSP
-
Multi-Cloud: AWS Certified Security – Specialty
Additional Information
-
Every contractor must supply their own Windows 11 Laptop computer for the duration of the assignment.
-
Every contractor must supply their own “Smart Phone”. This is needed to gain access to the Organizations network.
Looking for meaningful work? We can help!
Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.
We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities.
We have a dedicated webpage for accommodations where you can learn more about what we offer and request accommodation: https://raise.jobs/accommodations/
In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or any other Raise job posting (or have any other questions), please contact us at +1 800-567-9675 or [email protected].
#WES
#LI-SC1
