Spécialiste des opérations de sécurité / Security Operations Specialist
Portage CyberTech•Montreal, QC
•Hybrid
About The Position
We are looking for a cloud-oriented security resource, both hands-on and analytical, that will play a key role in securing our Microsoft 365 and Azure environments. This role will be responsible for the implementation of security controls, risk analysis, incident management, and active contribution to ISO 27001:2022 certifications, SOC 2 Type II, and other compliance requirements. The role is action-oriented, focusing on configuring, operating, and continuously improving security posture. The person will work closely with the IT, compliance, and product teams.
Requirements
- Degree in Information Technology, Cybersecurity, or equivalent experience
- 5 or more years of experience in cybersecurity or cloud security
- Hands-on, in-depth experience with Microsoft 365, Entra ID, and Azure
- Strong understanding of M365 security controls, DLP, data classification, and governance
- Great understanding of Azure cloud environments
- Knowledge of ISO 27001, SOC 2 or NIST security frameworks
- Ability to produce clear, structured, and actionable documentation for audits
- High autonomy, sense of initiative and pragmatic approach
- At ease in an SME context
- Bilingual French and English
- Have a valid Canadian work permit
Nice To Haves
- Good understanding of AWS cloud environments an advantage
- Microsoft (security) or Azure certifications
- Experience with Sentinel or a SIEM
- Experience in a certified environment (ISO, SOC 2)
Responsibilities
- Configure, administer, and maintain Microsoft 365 and Entra ID security controls
- Manage security policies (Conditional Access, MFA, RBAC, Privileged Identity Management)
- Implement and maintain DLP, sensitivity labels, and data classification through Microsoft Purview
- Administration of Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud
- Monitor and improve security posture through Secure Score and Microsoft recommendations
- Manage Azure security groups, roles, and permissions
- Apply Copilot for Microsoft 365 governance best practices, including data access and information protection
- Help secure Azure and AWS environments
- Manage AWS and Azure security controls
- Participate in the evolution of cloud security architecture
- Monitor security events and analyze alerts
- Actively participate in the management of security incidents, from analysis to remediation
- Perform vulnerability scans and follow up on patches
- Contribute to risk analyses and incident response exercises
- Participate in incident post-mortem and continuous improvement of controls
- Actively participate in ISO 27001:2022, SOC 2 Type II, and other applicable frameworks
- Write and maintain audit policies, procedures, standards, and evidence
- Document security configurations, runbooks, and operational playbooks
- Collaborate with internal and external auditors
- Contribute to supplier evaluations and regulatory requirements, including Bill 25
Benefits
- 100% employer‑paid health benefits
- RRSP matching to invest in your future
- Flexible work: Remote, hybrid and on-site opportunities with offices in Gatineau and Montreal
- Generous paid time off
- An “Internal Talent First” philosophy, ensuring opportunities for learning and growth in a growing organization
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
Associate degree
