Our client, is seeking a high-caliber, automation-focused Exception Template - Technical to join their Cyber Security Engineering team.
...
In this highly technical role, you will lead the design, development, and deployment of security orchestration and infrastructure automation across the enterprise. Your core focus will be dual-faceted: building sophisticated automated incident response playbooks in Python within Splunk SOAR, and engineering infrastructure automation playbooks in YAML via the Ansible Automation Platform. Beyond development, you will drive proof-of-concept evaluations, enforce security guardrails on system builds, and support the operational cutover and runbook documentation for incoming security technologies.
Duration: 6-Month Contract
Timeline: July 1, 2026 – December 31, 2026
Work Location: Hybrid (Based out of the corporate office at 1 York Street, Toronto, ON)
Advantages
Tier-1 Financial Technical Scale: Own security orchestration, automation, and response (SOAR) playbooks protecting a massive, highly visible banking infrastructure.
Modern Orchestration Environment: Leverage cutting-edge automation ecosystems including Ansible Automation Platform and Python-driven SOAR frameworks to replace legacy, manual operations.
Full-Lifecycle Engineering: Lead projects completely from original stakeholder requirement gathering and proof-of-concept (PoC) testing to final RACI mapping and operational handover.
Broad Domain Exposure: Gain deep operational visibility into advanced network security controls, endpoint detection and response (EDR), cloud native architectures, and certificate/cryptographic infrastructures.
Responsibilities
Security Orchestration & Automation Engineering
SOAR Playbook Development: Design, develop, test, and maintain robust, automated incident response and triaging playbooks using Python inside Splunk SOAR.
Ansible Infrastructure Automation: Build and configure automated workflows using YAML within the Ansible Automation Platform to programmatically provision user accounts, rotate security certificates, and manage dependencies during system deployments.
Environment Maintenance: Troubleshoot, debug, and remediate errors, platform bugs, and code anomalies within active automation and orchestrator runtime environments.
Strategic Implementation & Operational Readiness
Stakeholder Facilitation: Meet with cross-functional technical teams and business partners to refine operational requirements for net-new automation streams.
Proof-of-Concept (PoC) Delivery: Perform technical proof-of-technology tasks, evaluating and embedding new security capabilities into existing software stacks.
Operational Cutover (BAU): Smoothly transition projects from active implementation into steady-state operations. Author detailed Responsibility Assignment Matrices (RACI documents) and train downstream business-as-usual (BAU) operational squads.
CSIRT & Incident Documentation: Draft, update, and govern cybersecurity playbooks, platform policies, and knowledge-base runbooks utilized by the Incident Management and CSIRT teams.
Production Support Stability: Participate actively within a 24x7 on-call technical rotation, joining critical major incident management calls to provide engineering consultation and rapid troubleshooting.
Qualifications
Experience: Minimum 5+ years of progressive professional experience operating within the Information Technology sector, with at least 2–3+ years dedicated specifically to IT Security Engineering.
Splunk SOAR Fluency: 2 to 3 years of hands-on experience configuring and administering Splunk SOAR platforms.
Automation Programming Stack: 2 to 3 years of referenceable experience developing code within Python and YAML structures.
Ansible Domain Knowledge: Proven experience developing workflows and system configurations using the Ansible Automation Platform.
OS & Infrastructure Literacy: Solid foundational experience working with both Windows and Linux operating systems, along with a firm grasp of networking technologies (Firewalls, WAFs, IPS/IDS) and core cloud services.
Education: University degree or college diploma in Information Technology, Computer Science, Cyber Security, or equivalent practical field experience.
Soft Skills: Strong written and verbal communication skills, with a proven ability to translate complex technical anomalies cleanly for engineering peers and management.
Nice-to-Have Skills & Assets
Highly preferred professional security designations (e.g., CISSP, CISM, CISA, GIAC, CompTIA Security+, or AWS Certified Security).
Tactical conceptual knowledge of enterprise technologies: Endpoint Detection and Response (EDR), Public Key Infrastructure (PKI / Certificate Management), Email Security gateways, Web Content Filtering, and SIEM log management types.
Practical familiarity with disaster recovery (DR) architectures, data replication methods, and large-scale corporate migration deployment projects.
Summary
If you are a tech-savvy Security Platform Engineer who combines robust Python coding skills with deep Splunk SOAR and Ansible execution capabilities, this Toronto-based mandate offers an exceptional engineering playground. Bring your automation mindset, security framework knowledge, and technical leadership to an industry-leading security squad today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
Our client, is seeking a high-caliber, automation-focused Exception Template - Technical to join their Cyber Security Engineering team.
In this highly technical role, you will lead the design, development, and deployment of security orchestration and infrastructure automation across the enterprise. Your core focus will be dual-faceted: building sophisticated automated incident response playbooks in Python within Splunk SOAR, and engineering infrastructure automation playbooks in YAML via the Ansible Automation Platform. Beyond development, you will drive proof-of-concept evaluations, enforce security guardrails on system builds, and support the operational cutover and runbook documentation for incoming security technologies.
Duration: 6-Month Contract
Timeline: July 1, 2026 – December 31, 2026
Work Location: Hybrid (Based out of the corporate office at 1 York Street, Toronto, ON)
Advantages
Tier-1 Financial Technical Scale: Own security orchestration, automation, and response (SOAR) playbooks protecting a massive, highly visible banking infrastructure.
...
Modern Orchestration Environment: Leverage cutting-edge automation ecosystems including Ansible Automation Platform and Python-driven SOAR frameworks to replace legacy, manual operations.
Full-Lifecycle Engineering: Lead projects completely from original stakeholder requirement gathering and proof-of-concept (PoC) testing to final RACI mapping and operational handover.
Broad Domain Exposure: Gain deep operational visibility into advanced network security controls, endpoint detection and response (EDR), cloud native architectures, and certificate/cryptographic infrastructures.
Responsibilities
Security Orchestration & Automation Engineering
SOAR Playbook Development: Design, develop, test, and maintain robust, automated incident response and triaging playbooks using Python inside Splunk SOAR.
Ansible Infrastructure Automation: Build and configure automated workflows using YAML within the Ansible Automation Platform to programmatically provision user accounts, rotate security certificates, and manage dependencies during system deployments.
Environment Maintenance: Troubleshoot, debug, and remediate errors, platform bugs, and code anomalies within active automation and orchestrator runtime environments.
Strategic Implementation & Operational Readiness
Stakeholder Facilitation: Meet with cross-functional technical teams and business partners to refine operational requirements for net-new automation streams.
Proof-of-Concept (PoC) Delivery: Perform technical proof-of-technology tasks, evaluating and embedding new security capabilities into existing software stacks.
Operational Cutover (BAU): Smoothly transition projects from active implementation into steady-state operations. Author detailed Responsibility Assignment Matrices (RACI documents) and train downstream business-as-usual (BAU) operational squads.
CSIRT & Incident Documentation: Draft, update, and govern cybersecurity playbooks, platform policies, and knowledge-base runbooks utilized by the Incident Management and CSIRT teams.
Production Support Stability: Participate actively within a 24x7 on-call technical rotation, joining critical major incident management calls to provide engineering consultation and rapid troubleshooting.
Qualifications
Experience: Minimum 5+ years of progressive professional experience operating within the Information Technology sector, with at least 2–3+ years dedicated specifically to IT Security Engineering.
Splunk SOAR Fluency: 2 to 3 years of hands-on experience configuring and administering Splunk SOAR platforms.
Automation Programming Stack: 2 to 3 years of referenceable experience developing code within Python and YAML structures.
Ansible Domain Knowledge: Proven experience developing workflows and system configurations using the Ansible Automation Platform.
OS & Infrastructure Literacy: Solid foundational experience working with both Windows and Linux operating systems, along with a firm grasp of networking technologies (Firewalls, WAFs, IPS/IDS) and core cloud services.
Education: University degree or college diploma in Information Technology, Computer Science, Cyber Security, or equivalent practical field experience.
Soft Skills: Strong written and verbal communication skills, with a proven ability to translate complex technical anomalies cleanly for engineering peers and management.
Nice-to-Have Skills & Assets
Highly preferred professional security designations (e.g., CISSP, CISM, CISA, GIAC, CompTIA Security+, or AWS Certified Security).
Tactical conceptual knowledge of enterprise technologies: Endpoint Detection and Response (EDR), Public Key Infrastructure (PKI / Certificate Management), Email Security gateways, Web Content Filtering, and SIEM log management types.
Practical familiarity with disaster recovery (DR) architectures, data replication methods, and large-scale corporate migration deployment projects.
Summary
If you are a tech-savvy Security Platform Engineer who combines robust Python coding skills with deep Splunk SOAR and Ansible execution capabilities, this Toronto-based mandate offers an exceptional engineering playground. Bring your automation mindset, security framework knowledge, and technical leadership to an industry-leading security squad today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more