Senior Security Engineer - Controls, Compliance & Cloud Security

About The Position

Requirements

• 6+ years of hands-on experience in cybersecurity, security engineering, cloud security, control implementation, audit support, incident response, and vulnerability management.
• Strong understanding of regulatory frameworks such as CIS, SOC, NIST, and similar standards.
• Experience with governance automation, control validation, and policy enforcement tools.
• Proven expertise in Microsoft Azure Cloud architecture, Microsoft 365, Microsoft Exchange, Proofpoint, and cloud management processes.
• University degree from a recognized institution or equivalent practical experience, with strong technical experience in cybersecurity, infrastructure, and cloud environments.
• Strong working knowledge of cloud platforms such as Microsoft Azure, AWS, and Google Cloud, along with identity, networking, endpoint, and collaboration security concepts.
• Excellent analysis, problem-solving, team, conflict management, and time management skills.
• Outstanding verbal and written communication skills.
• Experience managing or delivering IT services within outsourced and managed services environments.
• Proven expertise with cloud-hosted technology and thorough understanding of IT security, networking principles, incident response practices, vulnerability remediation workflows, and email security controls.
• Experience supporting security assessments, control reviews, audit evidence requests, and remediation activities in regulated or compliance-driven environments.
• Strong collaboration and interpersonal skills, with the ability to work effectively across technical teams, audit stakeholders, vendors, and business partners.

Responsibilities

• Act as a senior technical contributor responsible for implementing, maintaining, and improving security controls across cloud and enterprise environments to reduce risk and support compliance objectives.
• Partner with infrastructure and application teams to embed security by design in all cloud and on-premise initiatives.
• Translate security and compliance requirements into practical technical controls, standards, and baselines for cloud and on-premise IT infrastructure and collaboration platforms, including Microsoft 365.
• Execute audit and control assurance activities, including risk assessments, control testing, evidence collection, vulnerability management tracking, and remediation follow-up to maintain compliance and reduce security risk.
• Administer and enhance Identity and Access Management (IAM), data protection, threat monitoring, incident response activities, and email security capabilities across the organization.
• Administer, troubleshoot, and improve email security operations, including technical configuration and optimization of Proofpoint and Microsoft Exchange protections for phishing defense, email hygiene, secure mail flow, and threat remediation.
• Recommend and implement technical and procedural improvements that strengthen control effectiveness, audit readiness, organizational resilience, and overall security posture.
• Maintain and administer infrastructure security processes, including secure configuration, add/moves/changes to Active Directory, storage systems, Azure cloud, servers, network, application hosting, backup, server patching, and related control enforcement activities.
• Provide technical security input to vendor assessments, solution reviews, and control evaluations to ensure new and existing services align with security and compliance requirements.
• Perform security control and audit support activities, including control mapping, evidence preparation, issue remediation tracking, and alignment to frameworks such as CIS, SOC, NIST, and related standards.
• Serve as a senior technical security resource supporting secure configuration, hardening, remediation, and control maturity across infrastructure, cloud platforms, identity services, and core enterprise systems.
• Provide technical guidance on security standards, control requirements, and implementation approaches that align with business, regulatory, and audit expectations.
• Assess technical security requirements for new solutions and services, participate in architecture and design reviews, and validate that implementations meet defined control and compliance expectations.

Benefits

• Fully company covered heath and dental benefits from day 1
• Company funded Health Spending Account
• Plan for retirement with Deferred Profit Sharing Plan (DPSP) and RRSP Matching
• Grow with us! We provide support for continuous learning.
• Paid personal and sick days on top of your vacation
• Summer hours to enjoy the weather
• Company sponsored social events & more!