Your Opportunity

BDO Canada's Cloud Security Engineering Advisory team focuses on protecting cloud-first and hybrid organizations through modern security architectures, data protection, identity-centric controls, and continuous security operations. We work across Microsoft, AWS, and Google Cloud ecosystems and align security outcomes to business risk, regulatory expectations, and operational maturity. We are seeking a replacement Cloud Security Senior Consultant who combines strong technical depth with client-facing maturity, modern security thinking, and a proactive, ownership-driven mindset.

Key Responsibilities

• Lead and deliver cloud security assessments, architecture reviews, and implementation engagements across Azure, AWS, and GCP.
• Design and implement Zero Trust-aligned security architectures covering identity, device, application, data, and infrastructure layers.
• Advise clients on data protection and information governance, including classification, labeling, encryption, retention, and eDiscovery considerations.
• Implement and optimize identity and access management capabilities, including Entra ID, Conditional Access, MFA, Privileged Identity Management (PIM), and workload identities.
• Design and implement cloud-native security controls across:
  
  • Cloud posture management (CSPM)
  • Workload protection (CWPP)
  • Logging, monitoring, and threat detection
• Support secure adoption of AI and GenAI workloads, including data exposure risk, identity boundaries, and model access controls.
• Translate security risks into clear, business focused recommendations for both technical and executive audiences.
• Contribute to proposals, statements of work, and client roadmaps, including effort estimation and solution shaping.
• Identify and implement automation opportunities using infrastructure-as-code and security tooling.
• Mentor junior consultants and contribute to internal standards, frameworks, and reusable assets.
• Work with multiple cloud service providers including Amazon Web Services, Microsoft Azure and Google Cloud Platform, and various security vendors to understand their solution offerings and advise clients on appropriate technologies and architectures, based on their needs.

How do we define success for your role?

• You demonstrate BDO's core values through all aspects of your work: Integrity, Respect and Collaboration.
• You understand your client's industry, challenges, and opportunities; clients describe you as positive, professional, and delivering high-quality work.
• You identify, recommend, and are focused on effective service delivery to your clients.
• You share in an inclusive and engaging work environment that develops, retains & attracts talent.
• You actively participate in the adoption of digital tools and strategies to drive an innovative workplace.
• You grow your expertise through learning and professional development.

Your experience and education

• 3 to 5 years of relevant work experience in cloud security, including identity and access management, logging and monitoring, data security and cloud reference architecture
• College Diploma or University Degree in Cyber Security, Information Security, or Computer Science
• Advanced certification in one or more cloud service platforms
• Hands-on experience in cloud security, cybersecurity consulting, or security engineering.
• Strong understanding of cloud security domains including identity, data protection, logging, monitoring, and architecture.
• Experience conducting security assessments and translating findings into actionable recommendations.
• Familiarity with industry frameworks and standards such as:
• NIST (CSF, SP 800-53, Cloud Reference Architecture)
  
  • CIS Critical Security Controls
  • Cloud Security Alliance CCM
  • OWASP Top 10
• Ability to clearly communicate complex technical concepts to diverse audiences.
• Experience working in consulting or client-facing delivery roles.
• Successful candidates will have experience or strong exposure to several of the following areas:
• Cloud & Platform Security
  
  • Microsoft Azure, AWS, and/or Google Cloud security services
  • Secure landing zones and cloud reference architectures
  • Infrastructure-as-Code (Bicep, Terraform, ARM, CloudFormation)
  • DevSecOps concepts, CI/CD pipeline security, and secrets management
• Data Protection & Information Security
  
  • Microsoft Purview (Information Protection, DLP, eDiscovery, Insider Risk)
  • Data classification, labeling, and encryption strategies
  • Data Loss Prevention across cloud services and endpoints
  • Secure collaboration and third-party data sharing controls
• Identity & Zero Trust
  
  • Microsoft Entra ID (formerly Azure AD)
  • Conditional Access, MFA, phishing-resistant authentication
  • Privileged Identity Management (PIM) and Just-in-Time access
  • Identity governance and lifecycle automation
• AI & Emerging Technology Security
  
  • Securing Copilot, GenAI, and AI-enabled workloads
  • Data leakage risks in AI-assisted environments
  • Governance and access controls for AI services
• Advanced certification in one or more cloud service platforms (one of more preferred):
  
  • Azure Security Engineer, SC-series certifications
  • AWS Security Specialty
  • CISSP, CCSP, CISM

The expected range of compensation for this role is $84,000 - $128,000 annually.

Flexibility: All BDO personnel are expected to spend some of their time working in the office, at the client site, and virtually unless accommodations or alternative work arrangements are in place.

Our model is a blended approach designed to support the flexible needs of our people, the firm and our clients. It's about creating work experiences that meet everyone's needs and providing flexibility to adjust when, where and how we work to meet the expectations of our role.

Code of Conduct: Our Code of Conduct sets clear standards for how we conduct business. It reflects our shared values and commitments and includes guiding principles to help us make ethical decisions and maintain trust with each other, our clients, and the public.

BDO may use artificial intelligence enabled tools to support certain aspects of the recruitment process. While these tools assist our teams, our use of AI does not replace human decision making, and all employment-related outcomes are made by BDO personnel.

Ready to make your mark at BDO? Click "Apply now" to send your up-to-date resume to one of our Talent Acquisition Specialists.

To explore other opportunities at BDO, check out our careers page.