DevSecOps Practices Specialist

Closing Date: February 7, 2025

Teck is a leading Canadian resource company focused on responsibly providing the metals essential for global development and the energy transition while caring for the people, communities and land that we love.

Teck's two regional business units, North America and Latin America, oversee Teck's assets through all phases of safe, sustainable development, operation and closure. The business units are supported by enterprise-wide functions that set strategic direction, establish standards and provide governance, as well as supporting the business through shared services, centers of excellence and business partnering.

Reporting to the Manager, Business Applications, the Senior DevSecOps Specialist is responsible for crafting, integrating and maintaining DevSecOps practices in the Enterprise Applications teams. This outstanding role requires a solid background in application security, development and operations! The successful individual will curate, implement, and maintain automated CI/CD pipelines while ensuring secure and efficient application deployments across cloud and on-premise environments. This role also involves applying infrastructure as code practices using Terraform and embedding security into all stages of the development lifecycle. In doing so, the role will collaborate across the Enterprise Applications, Infrastructure & Operations, and Cyber Security groups to improve the reliability, scalability, and security of our systems.

Responsibilities

• Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures

• Design, develop, and maintain DevSecOps practices and artifacts, including CI/CD pipelines

• Automate the build, test, and deployment of applications to both Azure and on-premise Windows environments

• Apply Terraform to implement infrastructure as code for provisioning Azure resources and application configuration management

• Embed security best practices into CI/CD pipelines under supervision, including automated security validation, testing, vulnerability assessments, and compliance checks in alignment with technology standards

• Collaborate with development teams to ensure applications are deployed securely and efficiently, with accurate monitoring and logging mechanisms

• Build and enforce security measures in line with standard. This includes secure coding practices, software component analysis, static and dynamic testing, access control policies, and identity management in Azure and on-premises environments

• Implement monitoring, logging, and alerting solutions to ensure application health and performance with a proactive approach to resolving issues

• Collaborate with Digital Risk and Cyber Security to integrate applicable security key performance and risk indicators into the overall measurement of digital risk and cyber security at the organization

• Act as a bridge between development, security, and support teams to foster a culture of collaboration, continuous learning, and security awareness

• Provide expertise to troubleshoot and resolve applications production issues

Qualifications

• 5+ years in a DevOps or DevSecOps role, with hands-on experience in CI/CD pipelines, automation, and application deployment with a focus on secure development practices

• Solid understanding of applications development, operations and security practices, including troubleshooting

• Strong proficiency with CI/CD tools such as Azure DevOps or GitHub Actions

• Experience deploying and managing applications on Azure and on-premise IIS servers

• Proficiency in scripting and programming languages (C#, Node.js)

• Clear understanding of web application security risks (e.g. OWASP Top 10)

• Secure develop certification from a recognized provider (e.g. ISC2, SANS) is recommended

Why Join Us?

At Teck, we offer more than just a job – we provide a pathway to personal and professional enrichment. With captivating projects set against stunning backdrops, a culture of inclusivity and collaboration, and boundless opportunities to learn and grow, joining us means embracing a fulfilling and dynamic career adventure. 

Teck employees receive access to our total rewards program and comprehensive benefits package that promote physical, mental, financial, and emotional well-being. This includes but is not limited to:  

• Annual Performance Bonus 
• Profit Share Plan 
• Health Spending Account   
• Personal Spending Account 
• Extended Health Care   
• Dental and Vision Care 
• Employer Paid Pension Plan 
• Life Insurance and Disability Coverage  
• Paid Sick Leave, Vacation and Holidays      
• Virtual Telemedicine and additional support for overall well-being 
• Employee and Family Assistance Program (EFAP)      

Salary Range: $103,000 - $127,000 

The actual base salary offered is determined based on the successful candidate’s relevant experience, skills, and competencies and considers internal equity. 

About Teck

At Teck, we value diversity. Our teams work collaboratively and respect each person’s unique perspective and contribution. 

Teck is one of Canada's leading mining companies, focused on providing products that are essential to building a better quality of life for people around the globe. Our commitment to our people is why Teck has been named one of Canada’s Top 100 Employers for seven consecutive years, listed as one of Canada's Top Employers for Young People and named to the 2024 Bloomberg Gender-Equality Index. The pursuit of sustainability guides Teck's approach to business and we are proud to be recognized as one of the 2024 Global 100 Most Sustainable Corporations by Corporate Knights. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK. 

Learn more about Teck at www.teck.com or follow @TeckResources.

We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.