Ensure the security, integrity, and availability of Dentons Canada information assets.
Contribute to the management and continuous improvement of multiple security programs.
Develop, implement, and maintain security controls, through people, processes, and technology, across the organization.
Provide technical leadership and architectural oversight for the Firm’s security controls across on-premises and cloud environments.
Lead the design and implementation of secure architecture patterns for enterprise infrastructure, cloud platforms, identity services, and network security.
Act as a key security advisor to Infrastructure, Cloud, and Application teams to ensure security is embedded into platform design, deployments, and operational processes.
Support the secure adoption and governance of Microsoft Azure, including the design and implementation of security controls for identity, networking, workloads, and platform services.
Lead the configuration and optimization of Azure security capabilities including Microsoft Defender for Cloud, Conditional Access, Azure Policy, identity protection controls, and security monitoring integrations.
Provide architectural guidance for secure network connectivity and access models.
Monitor emerging threats, vulnerabilities, and technology trends and recommend improvements to strengthen the Firm’s security architecture and overall security posture.
Mentor and provide technical guidance to Information Security team members across operational and engineering initiatives.
Requirements
Post-secondary education in Information Technology, Computer Science, Cybersecurity, or a related discipline, or equivalent practical experience.
Minimum 8+ years of experience in Information Technology with significant focus on cybersecurity architecture, engineering, or operations.
At least 6+ years of experience in an Information Security role with 3+ years in a lead or senior technical capacity.
Deep experience securing Microsoft Azure environments, including identity security, network architecture, workload protection, and cloud-native security controls.
Hands-on experience implementing and managing Azure security capabilities such as Microsoft Defender for Cloud, Conditional Access, Azure Policy, identity protection controls, and security monitoring integrations.
Experience integrating enterprise security platforms with cloud environments, including SIEM solutions, network security platforms (e.g., Palo Alto), and CASB/SSE platforms (e.g., Netskope or Zscaler).
Experience with Microsoft security technologies including Microsoft Sentinel, Defender for Endpoint, Defender for Identity, Defender for Cloud, and related security services.
Experience implementing or supporting data classification and data loss prevention (DLP) programs across enterprise collaboration platforms and cloud services.
Familiarity with threat frameworks such as MITRE ATT&CK and modern detection and response methodologies.
Experience assessing security controls against industry frameworks such as ISO 27001/27002 and the NIST Cybersecurity Framework.
One or more relevant certifications such as CISSP, CISM, or certifications from GIAC, ISACA, or Microsoft Security are preferred.