Security Engineer | TorontoSecurity Engineer, you will be responsible for securing the organisation's cloud and hybrid infrastructure across Azure, Microsoft 365, and on-premises environments. You will serve as the technical authority for cloud security, working closely with the SOC, Infrastructure, and IT Operations teams.
Key Responsibilities- Design, implement, and maintain secure cloud, endpoint, and identity management solutions across Microsoft Azure, Microsoft 365, Intune, and Entra ID environments.
- Manage and optimize the Microsoft security stack, including Microsoft Defender for Cloud, Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender XDR, and Microsoft Sentinel.
- Deploy, secure, and manage Windows, iOS, and Android devices through Microsoft Intune, including compliance policies, security baselines, encryption, application protection, and device lifecycle management.
- Support the rollout, adoption, and ongoing management of Windows Hello for Business, Conditional Access, Multi-Factor Authentication, and Zero Trust security controls.
- Implement and maintain Azure security governance, including Azure Policy, RBAC, Privileged Identity Management (PIM), Identity Governance, and compliance frameworks.
- Manage cloud and network security controls, including Azure Firewall, NSGs, Private Endpoints, VPN connectivity, segmentation, and secure access solutions.
- Monitor and improve security posture through Secure Score, vulnerability management, compliance reporting, and continuous control optimization.
- Collaborate with Security Operations teams to investigate incidents, tune detections, respond to alerts, and improve overall threat visibility.
- Automate security, compliance, and deployment processes using PowerShell, Python, Infrastructure as Code (Terraform/Bicep), and CI/CD pipelines.
- Support internal and external audits, risk assessments, remediation efforts, and regulatory compliance requirements within a regulated environment.
Required Skills & Qualifications- 5+ years of experience in Endpoint Engineering, Infrastructure Security, Cloud Security, or a related engineering role.
- Hands-on experience with Microsoft Intune, Microsoft 365, Azure, and Microsoft Entra ID.
- Strong experience with Microsoft Defender technologies, Microsoft Sentinel, Endpoint Detection & Response (EDR/XDR), Data Loss Prevention (DLP), and enterprise endpoint security.
- Experience implementing Conditional Access, Zero Trust principles, Windows Hello for Business, BitLocker, compliance policies, and identity security controls.
- Knowledge of Azure security services, Azure Policy, RBAC, PIM, networking security, and cloud governance best practices.
- Experience with Infrastructure as Code (Terraform and/or Bicep), PowerShell and/or Python automation, and DevSecOps methodologies.
- Strong understanding of Windows 11 security, endpoint hardening, vulnerability management, patching, networking concepts, and enterprise mobility management.
- Experience supporting security and compliance initiatives within regulated environments.
- Excellent communication skills with the ability to work effectively across infrastructure, security, compliance, and business teams.
Preferred Certifications- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Microsoft Certified: Security Operations Analyst (SC-200)
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- Microsoft Certified: Identity and Access Administrator (SC-300)
- CompTIA Security+
What We Offer- Competitive base salary with a performance-based commission structure
- Comprehensive benefits package including health, dental, and vision coverage
- Clear career progression within a global financial organisation
- A collaborative and high-performance sales environment
- Ongoing training and professional development opportunities
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!