Sr. Manager leading cloud security, compliance, and governance at Metergy Solutions Inc. Drive regulatory adherence and risk mitigation across diverse cloud environments with a focus on security by design.
Responsibilities
Act as a senior technical contributor responsible for implementing, maintaining, and improving security controls across cloud and enterprise environments to reduce risk and support compliance objectives.
Partner with infrastructure and application teams to embed security by design in all cloud and on-premise initiatives.
Translate security and compliance requirements into practical technical controls, standards, and baselines for cloud and on-premise IT infrastructure and collaboration platforms, including Microsoft 365.
Execute audit and control assurance activities, including risk assessments, control testing, evidence collection, vulnerability management tracking, and remediation follow-up to maintain compliance and reduce security risk.
Administer and enhance Identity and Access Management (IAM), data protection, threat monitoring, incident response activities, and email security capabilities across the organization.
Administer, troubleshoot, and improve email security operations, including technical configuration and optimization of Proofpoint and Microsoft Exchange protections for phishing defense, email hygiene, secure mail flow, and threat remediation.
Recommend and implement technical and procedural improvements that strengthen control effectiveness, audit readiness, organizational resilience, and overall security posture.
Maintain and administer infrastructure security processes, including secure configuration, add/moves/changes to Active Directory, storage systems, Azure cloud, servers, network, application hosting, backup, server patching, and related control enforcement activities.
Provide technical security input to vendor assessments, solution reviews, and control evaluations to ensure new and existing services align with security and compliance requirements.
Perform security control and audit support activities, including control mapping, evidence preparation, issue remediation tracking, and alignment to frameworks such as CIS, SOC, NIST, and related standards.
Serve as a senior technical security resource supporting secure configuration, hardening, remediation, and control maturity across infrastructure, cloud platforms, identity services, and core enterprise systems.
Provide technical guidance on security standards, control requirements, and implementation approaches that align with business, regulatory, and audit expectations.
Assess technical security requirements for new solutions and services, participate in architecture and design reviews, and validate that implementations meet defined control and compliance expectations.
Requirements
6+ years of hands-on experience in cybersecurity, security engineering, cloud security, control implementation, audit support, incident response, and vulnerability management.
Strong understanding of regulatory frameworks such as CIS, SOC, NIST, and similar standards.
Experience with governance automation, control validation, and policy enforcement tools.
Proven expertise in Microsoft Azure Cloud architecture, Microsoft 365, Microsoft Exchange, Proofpoint, and cloud management processes.
University degree from a recognized institution or equivalent practical experience, with strong technical experience in cybersecurity, infrastructure, and cloud environments.
Strong working knowledge of cloud platforms such as Microsoft Azure, AWS, and Google Cloud, along with identity, networking, endpoint, and collaboration security concepts.
Excellent analysis, problem-solving, team, conflict management, and time management skills.
Outstanding verbal and written communication skills.
Experience managing or delivering IT services within outsourced and managed services environments.
Proven expertise with cloud-hosted technology and thorough understanding of IT security, networking principles, incident response practices, vulnerability remediation workflows, and email security controls.
Experience supporting security assessments, control reviews, audit evidence requests, and remediation activities in regulated or compliance-driven environments.
Strong collaboration and interpersonal skills, with the ability to work effectively across technical teams, audit stakeholders, vendors, and business partners.
Benefits
Fully company covered heath and dental benefits from day 1
Company funded Health Spending Account
Plan for retirement with Deferred Profit Sharing Plan (DPSP) and RRSP Matching
Grow with us! We provide support for continuous learning.
Paid personal and sick days on top of your vacation
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.