Role Description We are seeking a Senior IT Security Engineer to lead and support the development, implementation, and operation of secure authentication and identity solutions across cloud and web platforms. The role requires expertise in: - Java Spring Boot - Angular - Microservices - AWS - Authentication protocols (SAML, OpenID Connect) - DevOps practices - Operational lifecycle management The ideal candidate will have strong leadership experience, a hands-on technical background, and a focus on delivering secure, scalable, and reliable IT solutions within a fast-paced, agile, and global team environment. Qualifications - Expert JAVA EE development knowledge - Knowledge of authentication solutions, SAML, OpenID Connect, API Gateway - Expert knowledge in the areas of web and cloud technologies - Expertise in agile development and DevOps - Knowledge of current IT architectures, manufacturers, and trends - Strong sense of reliability, being available to support after-hours as required - Proven experience in a strong leadership capacity - Strong technical background with solid skills in Java Spring Boot, Angular, SQL, Kafka, MQ, AWS, execution of Linux commands - Strong operational management capabilities including incident management and troubleshooting, operational processes, and lifecycle management Requirements - Authentication Protocols: Knowledge in IT security features such as authentication protocols - Software Development Excellence: Strong technical background with focus on Java development skills and support - Effective Communicator: Exceptional leadership and communication abilities, facilitating clear dialogue across teams - Incident Management Expert: Skilled in managing incidents and troubleshooting technical issues promptly - Strategic Planner: Excellent planning and organizational skills, adept at navigating complex projects - Lifecycle Management: Knowledgeable in operational processes and lifecycle management to ensure optimal performance - Mentorship and Development: Committed to mentoring and developing team members, fostering growth and enhancing team dynamics - Strong troubleshooting skills with the following technical skills: - Java Spring Boot - Angular (Typescript and JavaScript) - Kafka & JMS (MQ) - SQL (Oracle, Postgres) - Cloud infrastructure (AWS) - RESTful and SOAP services - Design and development of Microservices - Git - CI/CD pipelines - Maven, Docker - Jira, Confluence - Payara/Glassfish - Linux Commands - Apache - WebLogic - Jenkins - Nexus Duties & Responsibilities - Understand the business requirements, preparing AS-IS, and TO-BE documents and get sign-off from users for functional and/or technical design document(s) - Preparation of system/technical documentation (as per ISO standards) - Proactively propose solutions to improve the support of (new) business processes - Review and present proposed system solution to IT Project Manager / Leader and User Management or System owner (PDO) - Executing the required changes through configuration - Develop system solutions in line with quality and delivery requirements - Interact with consultants of other modules for Integration requirements - Preparing test data and documentation, Conducting Unit tests, Regression tests, System Integration security tests including recording of results and change management (transport) activities - Preparing User manuals and conducting training to business process owners (PDO) - Planning of go live milestones, planning, preparation and execution of migration, cutover and Go-Live as well as post Go-Live support activities - Interaction with clients through meetings, calls and emails - Support the troubleshooting, resolving and closing of Production Support tickets (Incidents & Problems tickets) within defined SLA’s (Service Level Agreements) - User interface transactional solutions - Analyse and scope End-user authorisation roles - Update and maintain documentation as an existing system’s functionality is changed - Ability and willingness to coach and give training to fellow colleagues and users when required - Execution according to the Agile Methodology and attending of all team meetings, including Stand-ups, Sprint Review, Sprint Retrospectives, Sprint Planning meetings etc. - Meet with end users and gather requirements - Daily use of the Agile Tool Chain, as per the updates required by the respective feature team(s) Desired Experience & Qualification - IT Degree / Diploma / Equivalent experience - Experience in leading teams - Minimum of 5-7 years IT working experience - ITIL process knowledge and work experience (Required) Interested?

• Monitor security events and alerting via our security tooling, including MSSP, SIEM, AI, and CSPM tooling, to identify and triage potential threats • Design, develop, implement, and maintain high-fidelity detection rules and alerts within SIEM and other security platforms (e.g., EDR, Cloud Security tools) based on threat intelligence, MITRE ATT&CK framework, and identified risks • Own the continuous tuning and optimization of existing detection logic to reduce false positives and improve detection efficacy • Respond to issues identified by our Cribl employees • Act as a security incident response lead, including leveraging and improving detection capabilities during investigations • Design, build, and manage security playbooks, incorporating detection engineering best practices • Conduct security assessments of corporate assets through vulnerability testing, threat hunts, and purple team activities, with a focus on identifying detection gaps and opportunities • Perform both internal and external security reviews of corporate properties e.g., the corporate website and enterprise applications • Lead security incident response tabletop exercises • Continue to evolve and champion the use of Cribl products in our security tech stack to enhance detection, analysis, and response capabilities • Collaborate with threat intelligence teams to integrate new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) into detection strategies • Partner cross-functionally with Product Security, IT, and Legal teams to strengthen overall security posture • This position will require stand-by, on-call, or off-hours duties

• Design, implement, and maintain controls in AWS (IAM, KMS, VPC, GuardDuty, Security Hub, Detective, CloudTrail/CloudWatch), network, endpoint, email, data security, vulnerability, and identity domains. • Define SLOs for control availability, latency, coverage, and drift; implement telemetry to continuously measure those SLOs. • Partner with infrastructure, platform, and application teams to build IaC modules (Terraform/CloudFormation) and platform automations (e.g., Python/Lambda, Step Functions) to enforce guardrails (account vending, baseline hardening, logging enablement, key policies, SCPs) using Git. • Implement break‑glass patterns and least‑privilege workflows that are auditable and reversible. • Engineer data pathways (e.g., CloudTrail, VPC Flow, ECS audit, identity logs) into SIEM/MDR tooling; ensure completeness, timeliness, and schema quality. • Translate Detection and Response Lead feedback on false positives/gaps into logging or control adjustments. • Own scanners/integrations, asset coverage, tagging standards, and develop risk‑based remediation pipelines (ticketing, auto‑remediation for low‑risk classes). • Partner with owners to remove friction (pre‑approved windows, canaries, rollbacks). • Engineer least‑privilege patterns, permission boundaries, conditional access, and automated key/secret lifecycle (rotation, discovery, usage attestations). • Provide ready‑to‑consume roles/policies to teams. • Maintain runbooks, design docs, and reusable modules; ensure changes are versioned, peer‑reviewed, and test‑. • Participate in control‑health and platform on‑call (e.g., logging ingestion failures, drift, outages). • Escalate security events to the Detection & Response Lead/MDR.

• Responsible for the protection of Celestica assets and to respond to alarms, emergency situations and to assist employees with security issue as part of our mission to provide a safe work environment • Responsible for maintaining appropriate access to all areas of the facility for both employees and customers • Controlling daily security operations including incident investigation, property passes, loss prevention, and all administrative duties required at the site