Senior DevSecOps Engineer

• AI-First Senior DevSecOps Engineer
• Montreal (Hybrid: Tues–Thurs in office)
• Build and secure the cloud + Snowflake infrastructure powering one of only 3 Snowflake Native Apps in the world.
• Be the infrastructure guardian of enterprise AI—where deep cloud engineering meets cutting-edge data platforms.

Maxa, an AI-first company, is seeking a Senior DevSecOps Engineer to build and secure the cloud and Snowflake foundations behind our finance-grade AI products.

Maxa Analyst is the first auditable finance AI analyst, delivering CFO-ready, audit-proof answers in seconds. The infrastructure powering this must be ultra-reliable, secure, observable, and scalable — and that will be your domain.

Your work ensures that every environment, deployment, and Snowflake Native App we ship is resilient, high-performing, and trustworthy enough for enterprise use. As one of the earliest members of our DevSecOps function, you’ll shape our infrastructure strategy, own key operational systems, and become an asset in our team of Snowflake infrastructure experts.

Everything is being built from the ground up.

As our Senior DevSecOps Engineer, you’ll sit at the intersection of cloud engineering, security, and data platform operations. You’ll work closely with Product, Engineering, and Data teams to design, automate, and secure the full lifecycle of our cloud and Snowflake environments.

• Ensuring reliability and availability across GCP (or AWS/Azure) environments
• Maintaining our 99.9% uptime SLA through proactive monitoring and rapid incident response
• Managing Snowflake infrastructure and overseeing deployment of Snowflake Native Apps to customer accounts

• Creating and optimizing CI/CD pipelines for cloud services and Snowflake artifacts
• Implementing GitOps workflows with tools like ArgoCD and GitHub Actions
• Using Terraform and other IaC tools to define consistent, scalable infrastructure
• Designing automated test frameworks for infrastructure changes
• Leveraging advanced tooling (including agentic AI and coding assistants) to accelerate automation and quality

• Ensuring cloud and Snowflake environments follow best-practice security standards
• Implementing Zero Trust Architecture
• Managing secrets with Vault, GCP Secret Manager, or equivalents
• Supporting audits, compliance activities, and secure-by-default design

• Driving incident response and root-cause analysis
• Partnering with developers and data engineers to integrate DevSecOps practices
• Mentoring junior CloudOps engineers and upleveling our operations maturity

• Deep hands‑on experience in DevSecOps, CloudOps, or infrastructure engineering
• Strong IaC experience—Terraform expert
• Cloud fundamentals across IAM, networking, workload identity, and security (GCP preferred, AWS/Azure accepted)
• Production experience with Kubernetes, Docker, VPCs, firewalls, load balancers
• GitOps + CI/CD systems (ArgoCD, GitHub Actions, etc.)
• Monitoring/observability tooling (Prometheus, Grafana, Cloud Monitoring)

Either:

• Experience with Snowflake (or BigQuery/Redshift/Databricks)
• SQL and data operations literacy

Or:

• Strong infrastructure engineer ready to become a Snowflake expert (training provided)

• Python scripting for automation
• Bash/Scripting familiarity
• Infrastructure testing frameworks
• Understanding of distributed systems concepts

• You prefer a mature, fully built DevOps environment rather than constructing one
• You want narrow specialization vs. broad cloud + Snowflake ownership
• You prefer to avoid security responsibilities
• You’re uncomfortable being a core operator in a high‑stakes production environment
• You want minimal cross‑team collaboration

• Competitive base salary (aligned to seniority; this is a newly created role)
• 4 weeks vacation in year one, 5 weeks thereafter
• RRSP employer contribution after 3 months
• On‑site chef: three‑course lunches for $12
• Stock options in a post–Series A high‑growth AI company
• The opportunity to define the infrastructure and security standards for enterprise AI

You’ll join the Infrastructure & DevSecOps group under Bruno Hivert, DevOps, Security and Infrastructure Team Lead.

In your first days:

• You’ll get full access to our cloud + Snowflake environments
• We’ll introduce you to our Snowflake Native App customers and deployment flows
• You’ll begin refining our IaC standards, CI/CD pipelines, and observability setup

By week 2:

• You’ll be deploying updates to Snowflake Native Apps
• You’ll be leading improvements to monitoring, security posture, and automation workflows
• Your work will directly influence customer reliability and product velocity

1. Initial screening with Gen (30 min, GMeet)
   • Background + culture fit
2. Hiring Manager Interview with Bruno + Raya (45 min, GMeet)
   • Technical depth, ownership expectations
3. Technical Deep Dive (90 min, in‑person)
   • Cloud + infrastructure architecture discussion
   • Practical review of IaC, CI/CD, monitoring, and Snowflake operations

Timeline: ~2–3 weeks from application to offer