Job details
Cyber Security Engineer (JO#11079)
IT - Application & Software Development
Toronto, ON
Contract
Apr 14, 2025
Our client is searching for an Azure Security Engineer, for a 3 month contract (hybrid 2-3 days per week in downtown Toronto), to do the following...
Key Job Responsibilities and Duties:
• Provide subject matter expertise on architecture, authentication, and systems security. Understand our full engineering stack, services and data flow
• Lead and assess, design, implement, automate, and document security solutions and processes for Microsoft Azure, SaaS applications and other cloud platforms
• Architect and deploy security solutions in cloud environments including Microsoft Azure and M365
• Assist and train team members in the use of cloud security tools and the resolution of security issues
• Research and maintain an extensive knowledge base of current cloud technology advancements, trends and directions and identify the potential threats and exposures
• Assist in investigation and remediation of security incidents and issues
• Create and support KPIs and KRIs that measure risk reduction and progress in cloud over time
• Help governance, compliance, and risk management teams to ensure the system consistently meets the cyber security requirements
• Act as a mentor across the teams to enable a best of breed approach to cloud security and cloud management
• Protect the systems from data breaches at all times
• Monitor, operate and improve system uptime, performance, high availability and disaster recovery readiness
• Collaborate with other operational and development teams during triage and resolution of operational issues
• Lead other cyber security related tasks
• Deploy and finetune SIEM solutions, threat hunting, security events analysis and forensics investigations
• Deploy and manage Vulnerability solutions
• Manage security web broker cloud access solutions
Work closely with DevOps team to perform security penetration testing in-house developed apps
Candidate Profile (Qualifications, Experience, Skills):
• Bachelor's degree in engineering, computer science, information systems, business and/or other related major
• CISSP, CCSP, CRISC, CISM, Certified Ethical Hecker (CEH), CASP+, GIAC Certifications
• 5+ years of ethical hacking, cloud security technologies and penetration testing experience
• 7+ years of experience with Microsoft Azure Cloud Platform
• 7+ years of experience with Microsoft AAD, M365 and Endpoint Manager.
• 7+ years of experience with Endpoint Point solutions (Microsoft Defender)
• 5+ years of experience with Network Access Control solutions (Aruba ClearPass, Central)
• 5+ years of experience with Privileged Access Management Solutions (CyberArk)
• 7+ years of experience with Cloud security practices
• 7+ years of experience with implementing and configuring IT infrastructure systems, including operating systems, applications, databases, firewalls, and networks
• Extensive experience in a Linux and MS Windows operating systems, configuration, installation, tuning, maintenance and monitoring
• Extensive experience with Cloud Security and SASE solutions (e.g. Zscaler)
• Extensive experience with SIEM solutions (Rapid 7, Exabeam, Sentinel)
• Experience with AWS and Azure security design, architecture and implementations.
Experience with DevSecOps tools and technologies such as Veracode or Synk.
• Firm grasp of networking protocols and operations. Comfortable with low level packet sniffing, working knowledge on Kali, Wireshark, Burpsuite, Metasploit, nmap, fiddler, sqlmap, nessus. Knowledge on network attacks, detections, and defences.
• Experience with scripting (Python, Perl, Bash, PowerShell) and API integrations
• Knowledge of Identity and Access Management concepts and technologies to secure production and corporate access, such as SSO, SAML Federated Identity, RBAC, authentication & authorization solutions
• Ability to analyze and solve complex challenges
• Must have knowledge of theoretical and applied cryptography, key management, and a strong understanding of cryptography algorithms such as RSA, AES, SSL vs TLS, PKI, etc
• Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO27001, ISO 27017 and NIST.
Key Job Responsibilities and Duties:
• Provide subject matter expertise on architecture, authentication, and systems security. Understand our full engineering stack, services and data flow
• Lead and assess, design, implement, automate, and document security solutions and processes for Microsoft Azure, SaaS applications and other cloud platforms
• Architect and deploy security solutions in cloud environments including Microsoft Azure and M365
• Assist and train team members in the use of cloud security tools and the resolution of security issues
• Research and maintain an extensive knowledge base of current cloud technology advancements, trends and directions and identify the potential threats and exposures
• Assist in investigation and remediation of security incidents and issues
• Create and support KPIs and KRIs that measure risk reduction and progress in cloud over time
• Help governance, compliance, and risk management teams to ensure the system consistently meets the cyber security requirements
• Act as a mentor across the teams to enable a best of breed approach to cloud security and cloud management
• Protect the systems from data breaches at all times
• Monitor, operate and improve system uptime, performance, high availability and disaster recovery readiness
• Collaborate with other operational and development teams during triage and resolution of operational issues
• Lead other cyber security related tasks
• Deploy and finetune SIEM solutions, threat hunting, security events analysis and forensics investigations
• Deploy and manage Vulnerability solutions
• Manage security web broker cloud access solutions
Work closely with DevOps team to perform security penetration testing in-house developed apps
Candidate Profile (Qualifications, Experience, Skills):
• Bachelor's degree in engineering, computer science, information systems, business and/or other related major
• CISSP, CCSP, CRISC, CISM, Certified Ethical Hecker (CEH), CASP+, GIAC Certifications
• 5+ years of ethical hacking, cloud security technologies and penetration testing experience
• 7+ years of experience with Microsoft Azure Cloud Platform
• 7+ years of experience with Microsoft AAD, M365 and Endpoint Manager.
• 7+ years of experience with Endpoint Point solutions (Microsoft Defender)
• 5+ years of experience with Network Access Control solutions (Aruba ClearPass, Central)
• 5+ years of experience with Privileged Access Management Solutions (CyberArk)
• 7+ years of experience with Cloud security practices
• 7+ years of experience with implementing and configuring IT infrastructure systems, including operating systems, applications, databases, firewalls, and networks
• Extensive experience in a Linux and MS Windows operating systems, configuration, installation, tuning, maintenance and monitoring
• Extensive experience with Cloud Security and SASE solutions (e.g. Zscaler)
• Extensive experience with SIEM solutions (Rapid 7, Exabeam, Sentinel)
• Experience with AWS and Azure security design, architecture and implementations.
Experience with DevSecOps tools and technologies such as Veracode or Synk.
• Firm grasp of networking protocols and operations. Comfortable with low level packet sniffing, working knowledge on Kali, Wireshark, Burpsuite, Metasploit, nmap, fiddler, sqlmap, nessus. Knowledge on network attacks, detections, and defences.
• Experience with scripting (Python, Perl, Bash, PowerShell) and API integrations
• Knowledge of Identity and Access Management concepts and technologies to secure production and corporate access, such as SSO, SAML Federated Identity, RBAC, authentication & authorization solutions
• Ability to analyze and solve complex challenges
• Must have knowledge of theoretical and applied cryptography, key management, and a strong understanding of cryptography algorithms such as RSA, AES, SSL vs TLS, PKI, etc
• Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO27001, ISO 27017 and NIST.