DevSecOps Engineer

DevSecOps Engineer is responsible for deploying and managing security tools, ensuring seamless integration across cloud and on-premises environments. This role includes vulnerability management, incident response, compliance with industry standards, and conducting security audits to safeguard the organization's infrastructure. About PAVE - A product of Discovery Loft PAVE 🔧🚗is an innovative automotive technology company transforming the way the world inspects vehicles. Powered by Intelligent Damage Detection capabilities, PAVE enables anyone with a smartphone to complete a guided vehicle inspection simply by taking photos of their car.Headquartered in Toronto, our team brings deep expertise from both the automotive and technology industries, blending the best of artificial intelligence and automotive intelligence.For more information, visit pave.ai. What We’d Love From You Be open minded to things you do not know,  consistently learn  and grow the skills necessary for the job Be ready to adjust and implement new plans in a fast paced environment Be confident and responsible; responsible down to a single line of code.  Always be working on self improvement; willing to review your progress and see how you can make it better  Getting the job done is a priority.  Have good sportsmanship and be competitive; we have structured the responsibilities to be somewhat like a game!  Be respectful and helpful to others and your working environment Treat yourself well and save the Earth. Be motivated, creative and passionate - it will ignite the rest! Responsibilities Security Systems & Integration:Deploy and configure security tools such as PAM, SIEM (Splunk), EDR/XDR/NDR, IAM, and cloud security platforms.Integrate these systems with existing infrastructure, ensuring seamless operation across cloud and on-premises environments. Vulnerability & Risk Management:Perform vulnerability assessments, manage security patches, and track threat intelligence.Prioritize vulnerabilities based on severity, ensuring remediation within SLA.ư\ Incident Response & Monitoring:Contribute incident response efforts, managing the process from detection to mitigation.Use SIEM and EDR tools for real-time security monitoring and alert management.Develop and maintain incident response playbooks and escalate issues when necessary. Compliance & Endpoint Security:Ensure security systems comply with frameworks like ISO 27001, SOC2, and GDPR.Manage endpoint security through MDM solutions, ensuring secure configurations and device management. Security Audits & Penetration Testing:Conduct penetration tests and security audits to assess system vulnerabilities and recommend improvements.Apply CIS, STIGs, and other security benchmarks to infrastructure.