Software Engineer
Contractor
contractor
27 Jun 2025
Toronto
Verified by Turrior
Content + Source + Freshness • 12 Dec 2025 • 95% confidence
82 / 100
Offer value
High score due to increasing demand for cloud security expertise and the specifics of Policy-as-Code development.
- Growing demand for specialties in cloud security and policy management
- Role involves writing and implementing security policies
- Opportunity to use cutting-edge tools and collaborate with teams
Pros
- Emerging and sought-after specialization in cloud security.
- Active involvement in development and QA processes.
- Opportunity to work with advanced DevOps tools and strategies.
Cons
- Requires niche experience which may limit candidate pool.
- Potentially steep learning curve for new tools and practices.
- Contractual employment model may reduce long-term job security.
Who it's for
Senior • Remote or Hybrid
Good fit
- Security engineers with cloud experience
- Professionals passionate about policy development
- Candidates looking for innovative DevOps roles
Not recommended for
- Novices without security background
- Those averse to working on security policies
- Individuals preferring traditional development paths
Motivation fit
Desire to specialize in the growing field of cloud securityInterest in contributing to policy frameworks and practicesEagerness to engage with innovative development practices
Key skills
Cloud security and DevOps expertisePolicy-as-Code development experienceCollaboration with security and engineering teams
Score: 82/100 AI verified analysis
About the job
Typical Day in Role:
• Write Rego Policy-as-Code for application security scanning tools - SAST, DAST, SCA and MAST; to ensure that no critical or high vulnerabilities are deployed to production
• Write Rego Policy-as-Code for scanning Terraform and Cloud resources
• Write unit tests for these policies, and complete other QA activities to ensure the working and quality of the policies
• Deploy security policies to the cloud using DevOps strategies and tools.
• Integrate policies with Styra policy engine
• Work with cloud security architecture and cloud operations internal teams
• Role is split into technical part of 1) writing the Policy-as-Code, QA activities and 2) support delivery of the product – give updates, collaborate with team
Candidate Requirements/Must Have Skills:
1) 10+ years’ experience in related fields: Security Engineering, Cloud architecture, Security Operations, DevOps
2) 3-5 years’ experience with IaC (Infrastructure As Code) tool Terraform
3) 1-2 years’ experience with PaC (Policy As Code) tools Styra, Rego
4) 3-5 years’ experience with DevOps tools and strategies, including VCS, IaC, and automated pipelines
5) 3-5 years’ hands-on experience with Cloud platforms (Google Cloud, Azure, AWS – in order of preference)
Nice-To-Have Skills:
1) Experience with programming languages (Python, GO, Rego)
2) CI/CD tools experience
3) CNAPP experience
4) Experience from software delivery industry
5) Agile experience
Soft Skills Required:
• Able to maintain updated and consistent documentation about workflows, test results, change tickets and PoC implementations that are relevant for the team to reference.
• Able to prepare status updates and socialize them with team members and stakeholders.
• Collaboration skills to work with stakeholders like Platform Engineering and Security Architecture to align on the policies deployments.
• Proactively propose best practices to implement in our development and delivery lifecycles.
Education:
Bachelor’s in technical field e.g. computer science, information security
Cloud certifications and cloud security certifications are an asset
• Write Rego Policy-as-Code for application security scanning tools - SAST, DAST, SCA and MAST; to ensure that no critical or high vulnerabilities are deployed to production
• Write Rego Policy-as-Code for scanning Terraform and Cloud resources
• Write unit tests for these policies, and complete other QA activities to ensure the working and quality of the policies
• Deploy security policies to the cloud using DevOps strategies and tools.
• Integrate policies with Styra policy engine
• Work with cloud security architecture and cloud operations internal teams
• Role is split into technical part of 1) writing the Policy-as-Code, QA activities and 2) support delivery of the product – give updates, collaborate with team
Candidate Requirements/Must Have Skills:
1) 10+ years’ experience in related fields: Security Engineering, Cloud architecture, Security Operations, DevOps
2) 3-5 years’ experience with IaC (Infrastructure As Code) tool Terraform
3) 1-2 years’ experience with PaC (Policy As Code) tools Styra, Rego
4) 3-5 years’ experience with DevOps tools and strategies, including VCS, IaC, and automated pipelines
5) 3-5 years’ hands-on experience with Cloud platforms (Google Cloud, Azure, AWS – in order of preference)
Nice-To-Have Skills:
1) Experience with programming languages (Python, GO, Rego)
2) CI/CD tools experience
3) CNAPP experience
4) Experience from software delivery industry
5) Agile experience
Soft Skills Required:
• Able to maintain updated and consistent documentation about workflows, test results, change tickets and PoC implementations that are relevant for the team to reference.
• Able to prepare status updates and socialize them with team members and stakeholders.
• Collaboration skills to work with stakeholders like Platform Engineering and Security Architecture to align on the policies deployments.
• Proactively propose best practices to implement in our development and delivery lifecycles.
Education:
Bachelor’s in technical field e.g. computer science, information security
Cloud certifications and cloud security certifications are an asset
