Senior Cyber Defense Engineer

SimCorp
Toronto, ON
Hybrid

About The Position

We are looking for a Senior Cyber Defense Engineer who wants to be in a technical role: someone who is comfortable going both wide and deep across our Azure security landscape. You won’t be siloed into a single area. Instead, you will play a key role across the end-to-end security lifecycle, shaping strategy, driving initiatives, and contributing deep expertise, from building efficient detections in Sentinel and managing incident response to designing the logging strategies that make our monitoring possible. Crucially, you will act as a bridge to our Architects, ensuring that our cloud infrastructure isn't just monitored, but is built to be secure from the ground up. We value ownership and initiative. We are looking for an engineer who can identify a security gap, plan the solution, and drive a taskforce to deliver it. If you are a problem-solver who enjoys having a direct, visible impact on the security posture of a global platform, we want to talk to you.

Requirements

  • Deep, practical experience with the Azure Security stack, specifically Microsoft Sentinel, Defender for Cloud, and the Microsoft Defender portal.
  • Mastery of KQL (Kusto Query Language) for threat hunting and detection rule creation.
  • Experience designing scalable logging architectures (Diagnostic settings, Event Hubs, Log Analytics).
  • Expertise in Azure-native networking security, including Azure Firewall, Web Application Firewall (WAF), and Private Link/Private Endpoints to ensure zero-trust connectivity.
  • Experience securing Azure Kubernetes Service (AKS) and containerized workloads using Defender for Containers and admission controllers.
  • Ability to drive initiatives from concept through to delivery with minimal supervision.
  • Ability to navigate in a global organization.
  • Clear Communication: Capable of translating technical security risks into business impact for stakeholders and aligning on co-operation models.
  • Methodical approach: You don't just see an alert; you look for the root cause and the flaw in the system design that allowed it to trigger.
  • Take initiative to design improvements in the system and processes.

Responsibilities

  • Detection Engineering: Design, build, and tune advanced detection logic within Microsoft Sentinel using KQL. Develop playbooks and workbooks to automate response actions and visualize threats.
  • Logging & Monitoring: Lead the strategy for centralized logging. Optimize Log Analytics workspaces to ensure high-fidelity data ingestion while balancing cost and performance.
  • Cloud Security Posture (CSPM/CWPP): Own and manage Microsoft Defender for Cloud. Drive the remediation of security recommendations and bridge the gap between security alerts and engineering fixes.
  • Architectural Collaboration: Partner with Infrastructure and Solution Architects to ensure security is baked into the foundation of our Azure landing zones and CI/CD pipelines.
  • End-to-End Project Leadership: Take high-level security objectives and translate them into technical roadmaps. Plan, execute, and report on progress directly to leadership.
  • Infrastructure Understanding: Apply a solid understanding of Azure networking, IAM (Entra ID), and compute services to identify and mitigate configuration drift.

Benefits

  • annual discretionary bonus
  • health and dental care
  • time off
  • Group RRSP/TFSA