Information Security Specialist
Job Description
Job Title: Information Security Specialist (Contract – Hybrid, Toronto)
Location: Toronto, ON (Hybrid – Onsite 1 day/week, increasing to 2–4 days/week)
Contract Duration: 6 months
Industry: Banking / Financial Services
Start Date: ASAP
Possibility of Extension or FTE Conversion: Yes
About the Role:
Are you a Security Engineer or DevOps Specialist with deep experience in Terraform, cloud security, and Policy-as-Code (PaC)? We’re hiring for a contract Information Security Specialist to join a top 5 Canadian bank’s Enterprise Security Services team.
You’ll play a key role in codifying and automating security policies using tools like Styra and Rego, enabling consistent application security standards across the organization. This is a hybrid opportunity in downtown Toronto, ideal for professionals looking to work on cutting-edge security tooling in a collaborative and high-impact environment.
Key Responsibilities:
Develop Rego Policy-as-Code for application security tools (SAST, DAST, SCA, MAST)
Scan and secure Terraform and cloud infrastructure resources
Deploy policies to the cloud using DevOps tools and pipelines
Integrate with the Styra Policy Engine
Collaborate closely with Cloud Security Architecture and DevOps teams
Maintain QA coverage, documentation, and participate in product delivery updates
Must-Have Skills:
10+ years in Security Engineering, Cloud Architecture, or DevOps roles
3–5 years of Terraform (IaC) experience
1–2 years working with Styra and Rego
Hands-on experience with GCP (preferred), Azure or AWS
Strong understanding of DevOps workflows, version control, and automated pipelines
Nice-to-Haves:
Scripting or development in Python, Go, or Rego
Experience with CI/CD tools, CNAPP, and Agile teams
Familiarity with software delivery processes and best practices
Why Apply?
Work with enterprise-scale cloud and security tools
Opportunity for extension or full-time conversion
Collaborate with an experienced, international security team
Contribute to a high-visibility project modernizing security automation
Location Requirements:
Must reside in the Greater Toronto Area (GTA) and be able to commute to the downtown office 1 day/week (Thursdays), increasing to 2–4 days/week by fall.
Interested?
Apply now or message me directly to learn more. Let’s connect if you’re passionate about infrastructure security, cloud automation, and policy-driven development! Send me an email to tinak@corgta.com
