Rockstar
enterprise accounting platform
DevSecOps Engineer
Neural analysis suggests this role is optimal for Mid candidates.
“DevSecOps Engineer at Rockstar. Skills: DevSecOps, CI/CD pipeline security, Cloud Security (GCP), Kubernetes, Secure Coding Practices, Golang, Typescript, Python. Implement and manage DevSecOps practices across the entire SDLC. Design and harden CI/CD pipelines”
What They're Looking For.
Must Have
4+ years of experience in DevSecOps, Security Engineering, or a related role focused on CI/CD pipeline security
Proven experience securing cloud environments, preferably Google Cloud Platform (GCP)
Strong practical experience with hardening continuous integration/continuous deployment (CI/CD) systems
Proficiency in security practices for application development (SAST, DAST, secret scanning)
Proficient in languages like Golang, Typescript, Python, or similar programming languages used for automation and development
Can handle the high intensity and fast pace of a startup environment
Nice to Have
Bachelor’s degree in Computer Science is preferred but not mandatory
Familiarity in IAM, Secret Manager, VPC controls, and Cloud KMS
Deep understanding of common security anti-patterns
Familiarity with compliance standards like SOC 2, PCI DSS, or ISO 42001 and experience generating evidence for auditors
Verbal and written communication skills
What You'll Do.
Implement and manage DevSecOps practices across the entire SDLC
Design and harden CI/CD pipelines
Integrate and enforce security checks
Secure cloud infrastructure (GCP)
Manage encryption and key rotation
Oversee container and artifact hardening
Ensure application code follows secure coding best practices
Monitor CI/CD pipelines and production environments for anomalies and security-relevant events
Maintain documentation and controls necessary to align with compliance frameworks
Assist in developer infrastructure work, including deployment automation and internal tooling
How You'll Work.
Team & Collaboration
Assist in developer infrastructure work
Communication Scope
verbal and written communication skills
Full Job Description
Rockstar is recruiting for a modern enterprise accounting platform that eliminates the pain of financial operations through powerful integrations, intuitive design, and AI-driven automation. By consolidating processes into a single, easy-to-use platform and automating repetitive tasks, the client frees accounting teams to focus on strategic, high-impact work—achieving more with fewer resources.

The client's team is led by top engineers and finance professionals from companies like Robinhood, Bolt, EY, Facebook, Twitter, Netflix, Amazon, Google, Airbnb, Rubrik, and more. Together, they are using their extensive industry experience to transform the way businesses manage their finances.

The client is backed by leading Silicon Valley investors. They raised the largest seed round in their category, with support from top-tier VCs such as Kleiner Perkins and Audacious Ventures. This funding has allowed them to launch a fully operational product and onboard several major customers.

### Your Role

* **Implement and manage DevSecOps practices** across the entire Software Development Lifecycle (SDLC), ensuring a "shift-left" approach to security.
* Comfortable with **Kubernetes** and other container orchestration platforms.
* **Design and harden CI/CD pipelines** (e.g., GitHub Actions) by implementing minimal permissions and leveraging OIDC with Workload Identity Federation for cloud deployments.
* **Integrate and enforce security checks**, including SAST, dependency scanning, and secret scanning (e.g., using tools like Trufflehog or GitGuardian), to fail builds on high-severity issues.
* **Secure cloud infrastructure (GCP)** by implementing the principle of least privilege for IAM, configuring VPC firewalls to restrict traffic, and using Google Secret Manager.
* **Manage encryption and key rotation** using Cloud KMS, ensuring all secrets are handled securely and not stored in code or plaintext.
* **Oversee container and artifact hardening**, including using multi-stage build