Security Consultant on TELUS's Cybersecurity Platforms Operations team. Providing hands - on support for critical security services and collaborating with industry - leading vendors.
About the role
- Cloud Business Information Security Officer at TD managing risk in public cloud environments. Collaborating with teams to ensure compliance with security frameworks and perform risk assessments.
Responsibilities
- Perform cloud risk assessments including TARA (Threat Risk), CGA (Control Gap), NTI (New Technology)
- Align risk assessment with TD standards and known frameworks such as NIST 800-53, CIS Benchmarks, ISO 27001, and FedRAMP.
- Perform security risk assessments such as policy exceptions, Azure application registrations, cross tenancy requests, O365 add-ons, parameters, and those related with Cloud Service Enablement projects.
- Perform ongoing risk issue/gaps management in risk management tools like Archer and ServiceNow.
- Collaborate with cloud architects, engineers, developers, and product owners to translate technical designs and practices into assessable and testable content.
- Participate in design reviews to stay informed on evolving architectures and ensure documentation aligns with implementation.
- Support internal and external audits and ensure alignment with enterprise security frameworks.
- Create dashboards and metrics to measure Azure security posture.
- Serve as the organization's cloud security SME and advisor to IT and DevOps teams.
- Conduct research on emerging security threats and vulnerabilities and incorporate mitigating security controls into the hardening standards.
- Adhere to, advise, oversee, monitor, and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
Requirements
- University Degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- Information Security Certification.
- 7+ years in information security with 3+ years focused on Azure/Cloud security architecture.
- Strong understanding of cloud architecture principles and Azure services (Azure Resource Manager, networking, identity, monitoring, and automation, etc.).
- Experience with Azure Security Benchmarks, CIS controls, and automated compliance monitoring.
- Understanding of hybrid and multi-cloud architecture patterns.
- Familiarity with SaaS security integrations and Microsoft 365 security ecosystem.
- Strong written and verbal communication skills with the ability to synthesize information from a multitude of resources and compile all relevant information clearly and comprehensively.
Benefits
- health and well-being benefits
- savings and retirement programs
- paid time off
- banking benefits and discounts
- career development
- reward and recognition programs
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Cloud Cybersecurity Engineer responsible for cloud security engineering at Tanium. Collaborate to protect cloud infrastructure against threats in Azure, AWS, and Kubernetes.
Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
Senior Analyst performing SOC 1 and SOC 2 examinations at Kraken. Leading compliance initiatives and enhancing IT controls in a remote environment.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.
Security Lead responsible for driving security function and strategy at Newton, a crypto trading platform. Ensuring CIRO and SOC 2 alignment while embedding security practices across all systems and applications.
Senior Cybersecurity Engineer at Vervent focused on security solution design and incident response. Join a growing team to implement and strengthen enterprise security operations.
IA
Conseiller juridique stratégique au sein des Services juridiques pour la protection des renseignements personnels au Canada. Fournissant des conseils stratégiques en matière de cybersécurité et réglementaire.
Manager, Information Security at Manulife will assess vendor IT risks and security controls. Conducting audits, guiding businesses in IT risk management under a hybrid working model.
Key role in operational security management of IT infrastructures at Xideral. Involves risk management, security architecture, and coordination with various stakeholders.