We're hiring a WebOps Engineer to lead the development lifecycle and enforce security and quality standards for our marketing website, with a strong focus on CI/CD governance, code quality, and release integrity. This is a full-time role responsible for building and maintaining a developer-friendly environment for a WordPress site hosted on Pantheon and managed via GitHub. You’ll enforce modern security practices, structured workflows, and automated deployment standards.

Your work will directly impact the speed, security, and quality of all web development efforts — from how code is written and reviewed, to how it’s tested, deployed, and protected. You’ll play a key role in setting up efficient workflows and upholding our organization’s high standards for code security, development discipline, and release integrity.

This is an ideal role for someone who cares deeply about building things the right way — scalable, secure, and sustainable. If you’re excited to be the force behind a safer, cleaner, and more productive dev environment, we’d love to talk to you.

What You’ll Do

• Collaborate with developers to identify and resolve security issues in plugins, themes, or deployment processes
• Enforce secure coding practices via code review guidelines, linting rules, pre-commit hooks, and static analysis tools
• Evaluate and integrate tools for automated vulnerability scanning, dependency monitoring, and code security checks
• Own and maintain a secure GitHub repository structure, including branching strategies, access permissions, commit standards, and PR review requirements
• Design and document a release-to-production workflow, including branching models, pull request requirements, approval gates, and deployment steps
• Build and maintain systems for commit hygiene, including naming conventions, changelogs, and traceable deployment logs
• Define and enforce structured workflows for development, QA, approval, and release
• Implement and maintain GitHub Actions CI/CD pipelines with security in mind — automated testing, build validation, deployment rules, and rollback safety
• Monitor and maintain the integrity of dev/staging/production environments in Pantheon, ensuring proper user access, deployment tracking, and version control
• Document and evangelize best practices for secure web development workflows, especially for WordPress and marketing websites
• Support onboarding of developers and ongoing coaching to adopt secure and scalable workflows

The Experience you bring:

• 4+ years of experience in a web development operations, DevOps, or developer experience role with a focus on website infrastructure
• Demonstrated experience managing GitHub-based development (repo structures, branch protections, PR processes)
• Experience with OWASP, code security auditing, and plugin vetting
• Strong knowledge of WordPress architecture, file permissions and filesystem security including custom theme/plugin development, Composer workflows, and WP-CLI
• Strong knowledge of PHP and understanding of WordPress internals, including plugin and theme security considerations
• Experience with security tools such as Snyk, Dependabot, GitHub Advanced Security, static analysis tools and scanners integrated into CI/CD workflows
• Experience with JavaScript build tools (e.g., Vite, Webpack) and security practices for modern frontend stacks (e.g., npm audit, dependency vetting)
• Working knowledge of common web vulnerabilities (e.g., XSS, CSRF, insecure plugins) and experience mitigating them in practice
• Excellent documentation and communication skills — you write clear process docs and help others follow them

Bonus points if you have:

• Experience designing and implementing structured release workflows for websites, ensuring code moves safely from development to production
• Experience deploying to and managing environments in Pantheon, including build tools and multidev workflows
• Knowledge of SSL, CSP headers, role-based access controls, and secure WordPress configurations
• Familiarity with REST API security standards and CORS policy design
• Experience managing environment variables and secrets securely within CI/CD pipelines and hosting environments

Aren’t sure if you’re a match? We know that impostor syndrome and the confidence gap can prevent us from meeting spectacular candidates — so don’t hesitate to apply; you could be the perfect fit!

Compensation
Boomi is committed to fair and equitable compensation practices. The base compensation for this position in Vancouver, B.C. ranges between 107,000 - 135,000 CAD annually + applicable bonus. Final compensation will be determined by various factors including the candidate’s knowledge, skills, and experience.

#LI-HYBRID #LI-AO1