Cloud Security Operations Lead

F12.net, Calgary, AB

About The Position

Reporting to the Service Delivery Manager (SDM), the Cloud Security Operations Lead is a senior, hands-on technical lead within managed services, responsible for the day-to-day secure operation, support, and continuous improvement of client cloud and endpoint environments. The role calls for technical expertise along with some team management or leadership experience. Working closely with the Enterprise Account Manager and SDM, you will be an internal SME for managed security and Azure services, overseeing delivery quality and escalation handling.

This role involves a deep understanding of Azure services, including compute, networking, storage, and, crucially, security. The focus is on the "future": designing a secure and functional environment from the ground up. A background in security operations allows you to design solutions that are not only secure but also easily monitored and managed by the SecOps team, building in the necessary logging, alerting, and security controls from the beginning rather than adding them as an afterthought.

You will also coach and mentor technicians while providing technical support and guidance to the team in resolving complex technical issues. You will be an escalation point for our service team members and a point of contact for our clients and vendors. The position collaborates closely with Security/GRC, Modern Workplace, and Infrastructure teams to ensure solutions are not only well-designed but are reliable in production. This role remains directly involved in day-to-day service delivery, including incident response, escalation handling, troubleshooting, and change execution, ensuring solutions perform reliably in production environments.

Requirements

  • 5+ years in cloud engineering, architecture, or administration
  • 3+ years in Azure security operations, including hands-on experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.
  • Deep expertise in:
      • Azure infrastructure: networking, storage, identity, and governance
      • Security architecture design: Zero Trust, CNAPP/CSPM integrations, GRC strategies
      • Security tools: Microsoft Defender suite, Sentinel (KQL, analytics, automation), Intune
  • Exposure and skill in Infrastructure-as-Code: PowerShell, ARM templates, Terraform desired
  • Familiarity with compliance frameworks: ISO, NIST, GDPR, HIPAA, PCI DSS
  • Experience as a Technical Architect, designing the technical aspects of implementations/configurations.
  • Excellent communication and client engagement capabilities.
  • Background in Microsoft technology solution development and delivery
  • Stays current with evolving endpoint technologies as they apply to enterprise company environments.
  • Dynamic personality able to effectively engage and influence internal and external stakeholders.
  • Independent self-starter with a collaborative working style, strong work ethic and flexibility to take on a wide range of roles and responsibilities
  • Ability to influence and negotiate effectively with new partners and existing internal resources
  • Strong problem solving and creative thinking abilities.
  • Willingness to travel as required and work outside of normal business hours
  • Careful attention to detail with strong organizational and analytical capabilities
  • Effective verbal and written communication skills
  • Team player who can influence others within the business and functional teams
  • Ability to work under tight timelines within a very dynamic, fast-paced environment
  • Ability to operate at the strategic level while staying close enough to the details to add value to clients and provide technical support to their team.
  • Empathy-driven communication & user-centric mindset
  • Problem solving & critical thinking
  • Detail orientation with disciplined execution
  • Change leadership & stakeholder engagement
  • Effective facilitation & consultative communication
  • Organization and ability to manage multiple priorities
  • Team collaboration and willingness to share knowledge

Responsibilities

  • Operate and maintain client Azure environments on an ongoing basis, including monitoring, investigating, and resolving security alerts using Microsoft Sentinel and Microsoft Defender tools.
  • Implement and support secure Azure solutions, including identity hardening (Azure AD), networking configurations, and security policies, ensuring configurations remain effective and compliant over time—not only at initial deployment.
  • Personally take ownership of security incidents from detection through remediation and post-incident review.
  • Maintain and update runbooks, alert response procedures, and configuration documentation based on real-world incidents, audits, and operational findings.
  • Review security posture metrics (e.g., Azure Secure Score, vulnerability findings) and apply corrective changes directly or coordinate execution with other technical teams. Communicate outcomes clearly to internal and client stakeholders.
  • Act as the primary escalation point for complex endpoint-related incidents, including failed device deployments, policy conflicts, security compliance issues, and user-impacting problems. Drive issues to resolution and ensure fixes are documented and repeatable.
  • Oversee endpoint lifecycle processes such as onboarding/offboarding, device refreshes, and configuration standardization, ensuring changes are executed accurately and with minimal disruption to end users.
  • Actively participate in incident, request, and escalation queues, ensuring complex cloud or security issues are prioritized, worked, and resolved within defined service expectations.
  • Balance proactive improvement work with reactive support responsibilities, maintaining a strong focus on direct hands-on client work within managed service agreements.
  • Support major incident response by coordinating technical efforts, communicating status and resolution steps, and assisting service delivery leadership in restoring service quickly and effectively.
  • Identify recurring issues, operational gaps, or process breakdowns and propose practical improvements that reduce ticket volume, escalation frequency, or client impact.
  • Serve as an internal escalation resource and real-time technical coach, guiding technicians during live troubleshooting, incident calls, and complex implementations.
  • Review and provide feedback on technicians’ work (tickets, configurations, remediation steps), improving quality, consistency, and adherence to best practices.
  • Contribute to the development and refinement of standard operating procedures, knowledge base articles, and deployment standards to improve repeatability and service quality.
  • Identify opportunities for automation and operational efficiency, including scripting, policy standardization, or integration between systems to reduce manual effort and error.
  • Work directly with client stakeholders to explain incidents, remediation actions, and recommend improvements in clear, non-technical language, reinforcing trust and transparency.
  • Participate in client discussions related to cloud health, endpoint stability, and security posture, grounding recommendations in observed operational realities rather than theory alone.
  • Proactively identify areas of unmet needs or risk within client environments and suggest actionable improvements that align with managed service capabilities.

Benefits

  • Three weeks vacation plus extra Flex Days, leadership development opportunities, growth coaching, and reimbursements for educational advancement and certifications.
  • Health Spending Account or RRSP matching, extended health care, dental and vision coverage, disability and life insurance, and an employee assistance program.
  • Tuition reimbursement, paid time off, on-site parking, high-class office amenities, and company events.