Senior Cyber Defense Engineer

SimCorp
Toronto, ON
Hybrid

About The Position

SimCorp is seeking a Senior Cyber Defense Engineer for a technical role focused on Azure security. This position requires someone comfortable with both broad and deep engagement across the Azure security landscape, playing a key role across the end-to-end security lifecycle. Responsibilities include shaping strategy, driving initiatives, and contributing deep expertise in areas such as building efficient detections in Sentinel, managing incident response, and designing logging strategies. Crucially, the engineer will act as a bridge to Architects, ensuring that cloud infrastructure is built to be secure from the ground up. The role values ownership and initiative, looking for an engineer who can identify security gaps, plan solutions, and drive taskforces to deliver them, thereby having a direct and visible impact on the security posture of a global platform.

Requirements

  • Deep, practical experience with the Azure Security stack, specifically Microsoft Sentinel, Defender for Cloud, and the Microsoft Defender portal.
  • Mastery of KQL (Kusto Query Language) for threat hunting and detection rule creation.
  • Experience designing scalable logging architectures (Diagnostic settings, Event Hubs, Log Analytics).
  • Expertise in Azure-native networking security, including Azure Firewall, Web Application Firewall (WAF), and Private Link/Private Endpoints to ensure zero-trust connectivity.
  • Experience securing Azure Kubernetes Service (AKS) and containerized workloads using Defender for Containers and admission controllers.
  • Ability to drive initiatives from concept through to delivery with minimal supervision.
  • Ability to navigate in a global organization.
  • Capable of translating technical security risks into business impact for stakeholders and aligning on co-operation models.
  • You don't just see an alert; you look for the root cause and the flaw in the system design that allowed it to trigger.
  • Take initiative to design improvements in the system and processes.

Responsibilities

  • Design, build, and tune advanced detection logic within Microsoft Sentinel using KQL.
  • Develop playbooks and workbooks to automate response actions and visualize threats.
  • Lead the strategy for centralized logging.
  • Optimize Log Analytics workspaces to ensure high-fidelity data ingestion while balancing cost and performance.
  • Own and manage Microsoft Defender for Cloud.
  • Drive the remediation of security recommendations and bridge the gap between security alerts and engineering fixes.
  • Partner with Infrastructure and Solution Architects to ensure security is baked into the foundation of our Azure landing zones and CI/CD pipelines.
  • Take high-level security objectives and translate them into technical roadmaps.
  • Plan, execute, and report on progress directly to leadership.
  • Apply a solid understanding of Azure networking, IAM (Entra ID), and compute services to identify and mitigate configuration drift.

Benefits

  • Several benefits that might play a significant factor in considering whether to accept a job offer.
  • Benefits package may vary from country to country.
  • Global hybrid policy, asking employees to work from the office two days each week while allowing remote work on other days.
  • Annual discretionary bonus (for Toronto only).
  • Health and dental care (for Toronto only).
  • Time off (for Toronto only).
  • Group RRSP/TFSA (for Toronto only).