Cloud Security Specialist

Montréal, Canada

At OneSpan, you’ll be part of a team that is trusted by more than 10,000 organizations around the world to safeguard their customers against cyber-crime and fraud, and deliver exceptional digital experiences that build lasting customer loyalty. Your contribution will help us to push the boundaries of what’s possible to improve the security and lives of millions of people around the world. In short, what you do here matters.

OneSpan is looking for an experienced ‘Cloud Security Engineer’ to join its Security Competence Center in Montreal.


The Cloud Security Engineer will focus on the day-to-day security management of OneSpan’s cloud-based Trusted Identity (TID) platform, which offers strong authentication and fraud detection services to OneSpan’s customers.

As Cloud Security Engineer, you will help ensure our cloud infrastructure and applications are secure, designed and implemented to the highest standards. If you enjoy analysing the security of cloud services, discovering and addressing security issues, quickly reacting to new scenarios, and implementing new security tools, this position will provide you with a great opportunity! You will lead in security reviews, vulnerability testing and incident response across all elements of OneSpan’s Trusted Identity platform.

The key tasks of the Cloud Security Engineer are as follows:

  • Monitor, analyse and respond to security events and incidents from SIEM, firewalls, IDS/IPS, anti-virus, SAST/DAST/IAST security scanners, and other security tools.
  • Research, evaluate, design, test, recommend, and implement new network security tools such as IDS/IPS, SIEM, and anti-DDoS tools.
  • Report common and repeat problems to management and propose process and technical improvements.
  • Work with cloud engineering teams to ensure cloud infrastructure and software meets security best practices.
  • Evaluate the implementation of security tools via internal audits to verify compliance with the security policies.
  • Promote a culture of security throughout the company, and educate other departments (e.g. engineering, operations) on security procedures and security risks.


  • You have a Bachelor or Master in Computer Science / Information Systems / Information Security or other related field
  • You have minimum 3-5 years relevant experience in a cloud-based environment
  • You have strong practical experience with security technology for cloud environments (e.g. AWS, Azure), such as:
    • Firewall configuration
    • Intrusion detection and prevention (IDS / IPS) tools
    • Anti-malware tools
    • Security patching tools (e.g. Pulp)
    • Security Incident and Event Management (SIEM) tools (e.g. ELF/ELK stack)
    • Web application firewalls and Next-Generation Firewalls
    • Virtual private network (VPN) technology
    • Penetration testing tools (e.g. Nessus)
    • Code analysis and vulnerability scanning tools
    • Active Directory and LDAP technology
    • Hardware Security Modules (HSMs)
  • You have experience with network essentials, with understanding of concepts such as OSI model and networking protocols such as TCP/IP, DNS, HTTP, TLS
  • Knowledge of system security vulnerabilities and remediation techniques, and familiarity with common attack patterns and exploitation techniques
  • You speak fluently English, Dutch is an asset.