Senior Security Advisor
BrokerLink
- Toronto, ON
- Permanent
- Full-time
- Provide security engineering and support for projects, embedding security throughout the project lifecycle. Collaborate with stakeholders to develop and implement security plans and processes
- Develop and implement security controls using Microsoft technologies, including Azure Defender, MS Defender XDR, MS Sentinel, and Purview, focusing on workload protection and posture management
- Conduct thorough security assessments and ensure compliance with security requirements, mitigating risks effectively
- Perform comprehensive security reviews for business acquisitions to identify and mitigate security risks
- Participate in planning and designing enterprise security architecture to ensure robust security measures are in place
- Assist Level 1 and Level 2 Security Analysts in investigating security incidents, employing methodologies such as MITRE ATT&CK and Cyber Kill Chain. Leverage AI to automate investigation and response processes effectively
- Develop and implement information security metrics, measurement criteria, and reporting mechanisms to ensure compliance and drive continuous improvement
- Assist in the design and testing of BCP and DR initiatives to ensure resilience against security threats
- Lead identity and access management projects, utilizing Microsoft Identity products and tools such as Azure Active Directory, MFA, Conditional Access, and Azure PIM
- Collaborate with development teams to promote secure coding practices throughout the software development lifecycle (SDLC)
- Assist in enhancing the vulnerability management program to proactively identify and mitigate security vulnerabilities
- Make recommendations and document baseline security configurations for networks, systems, and technologies to enhance overall security posture
- Support teams with security audit requests, ensuring compliance with regulatory requirements and industry standards
- Create and maintain security-related documentation, including policies, standards, and procedures
- Provide guidance, and instructions to Level 1 and Level 2 Security Analysts. Help create a culture of security awareness and expertise within the team
- Post-secondary education in IT/Computer Science
- Azure Certification (AZ-500) is a must-have
- 8 + years in Information Security with hands on technical experience in Microsoft/Azure environments
- Leadership experience in the development and implementation of technical security architectures at the specified experience level
- Ability to lead conversations as a subject matter expert representing the Cybersecurity team
- Strong IAM background with proficiency in identity governance, Entra ID/Azure AD, MS conditional access policies, and MFA
- Hands-on experience in collecting, analyzing, and responding to security incidents, including the ability to disseminate cyber threat intel
- Experience in Secure Software Development Lifecycle (SSDLC), and familiarity with DevOps tools like Azure DevOps, GitHub
- Experience with Azure Defender for cloud, M365 XDR, MS Sentinel
- Strong knowledge of security standards and frameworks (ISO 27001, NIST SP 800-53, PCI DSS)
- Certifications like CISSP, CCSP, CISM, CIRC) are an asset
- Experience in a 24x7 Security Operations Center is a nice-to-have
- Understanding governance and risk frameworks (such as COBIT, NIST RMF, and Risk IT) is an asset
- Scripting language familiarity (PowerShell, Python, ) is an asset
- Flexible health and dental insurance benefits package
- Personal Spending amount to invest in your healthy lifestyle
- RRSP - Registered Retirement Savings Plan with Company matching
- ESPP - Employee Share Purchase Plan (TSX:IFC) program with matching aspect
- ‘Dress for your day’, dress according to your daily schedule
- Competitive compensation package with bonus aspect
- Employee discount program, including Apple, Bell, Rogers and more!
- Paid Time Off in the form of: Personal days, Volunteer days, Exam/Study Time, Jury Duty and starting at 3 weeks of vacation per year!
- Working for an employer who is regularly recognized as one of Canada’s best employers such as Kincentric 2023