Job Summary
Emterra Group is seeking a Security and Compliance Lead to own and advance our cybersecurity posture and regulatory compliance program across our Microsoft 365 and Azure cloud environments. This is a hands-on leadership role responsible for designing, implementing, and maintaining security controls while ensuring alignment with applicable frameworks and standards.
Position Description
Security Operations & Architecture
- Design and maintain security architecture across Microsoft Azure, Microsoft 365, and on-premises infrastructure
- Manage and optimize (Endpoint, Identity, Cloud Apps, Office 365), SIEM, and Entra ID (Azure AD)
- Lead vulnerability management, threat detection, and incident response activities
- Configure and maintain Conditional Access policies, Zero Trust network access, and Privileged Identity Management (PIM)
- Oversee Azure Security Center / Defender for Cloud recommendations and remediation
Compliance & Governance
- Develop and maintain the organization's information security policies, standards, and procedures
- Lead compliance efforts across applicable frameworks (NIST, PIPEDA, or industry-specific regulations)
- Manage Microsoft Purview for data classification, DLP policies, information protection labels, and eDiscovery
- Conduct and coordinate internal audits, risk assessments, and third-party security reviews
- Maintain compliance posture within the Microsoft 365 Compliance Center and Secure Score benchmarks
Identity & Access Management
- Administer and mature Entra ID (Azure AD) including RBAC, MFA, SSO, and lifecycle management
- Manage privileged access through PIM and Just-in-Time (JIT) provisioning
- Oversee identity governance and access reviews
Risk Management
- Conduct regular risk assessments and maintain the organizational risk register
- Develop and test the Business Continuity Plan (BCP) and Disaster Recovery (DR) procedures
- Evaluate and manage vendor and third-party security risk
Training & Awareness
- Design and deliver security awareness training programs across the organization
- Act as internal subject matter expert and advisor on security matters for all departments
- Report security metrics and compliance status to IT leadership and stakeholders
Skills & Qualifications
Required Qualifications
- 5+ years of progressive experience in information security or cybersecurity roles
- 3+ years of hands-on experience with Microsoft Azure and Microsoft 365 security tooling
- Deep expertise with Microsoft security products: Sentinel, Purview, Entra ID,
- Working knowledge of Azure networking, Azure Policy, and cloud governance frameworks
- Experience with at least one compliance framework (SOC 2, ISO 27001, NIST CSF, CIS Controls)
- Strong understanding of identity and access management principles
- Excellent written and verbal communication skills; ability to present risk clearly to non-technical stakeholders
Preferred Qualifications
- Relevant certifications: MS-500 (Microsoft Security Administrator), SC-200 (Microsoft Security Operations Analyst), SC-300 (Identity and Access Administrator), AZ-500 (Azure Security Engineer), CISSP, CISM, or CompTIA Security+
- Experience in a regulated or multi-site operations environment
- Familiarity with PIPEDA and Canadian privacy legislation
- Experience with Microsoft Copilot for Security
What We Offer
- Competitive salary and benefits package
- Hybrid work flexibility
- Collaborative and mission-driven team environment
- Opportunity to shape and build a modern security program from the ground up
Reasons to Apply, Stay and Grow with Emterra Group
- Opportunity to be part of one of Canada's Greenest Employers!
- Competitive wages!
- Comprehensive health benefits (health, dental, and more depending on what you choose)!
- Employee Assistance Program, paid for by the company!
- Tuition reimbursement program and professional development support!
- Be part of an entrepreneurial organization that wants to continue to learn and grow!
- Ability to have an impact and make change!
Are you ready to jumpstart your career by joining one of Canada's Greenest Employers and become part of the environmental solution? If so, apply now! We appreciate all applicants who apply however only those who are qualified, will be contacted.