- Company Name
- Canada Mortgage and Housing Corporation (CMHC) Société canadienne d'hypothèques et de logement(SCHL)
- Job Title
- Spécialiste, Opérations de cybersécurité
- Job Description
-
**Job title**
Cybersecurity Operations Specialist
**Role Summary**
Lead the implementation, integration, and continual optimization of Microsoft 365 and Azure security tools to protect the organization’s digital infrastructure. Execute vulnerability assessments and penetration testing, develop system hardening standards, and drive incident detection, response, and remediation using Sentinel and SOAR platforms. Coordinate with IT, Compliance, and business units to assess risk, apply mitigation strategies, and maintain regulatory compliance. Mentor junior security staff and maintain comprehensive security documentation.
**Expactations**
- Full‑time, hybrid work arrangement with limited travel
- Bilingual in English and French (reading, writing, speaking)
- Security clearance: Secret
**Key Responsibilities**
- Deploy and optimize Microsoft security suite: Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Sentinel, Purview, and Intune.
- Perform regular vulnerability assessments and penetration tests across enterprise systems, ensuring alignment with ITSG‑33 and other Canadian government standards.
- Define and refine system hardening baselines for Windows, Linux, Azure workloads, and network devices using Microsoft baseline security configurations and CIS benchmarks.
- Lead threat detection and response initiatives through Sentinel and SOAR, automating workflows and enhancing incident lifecycle management.
- Monitor, analyze, and coordinate the resolution of complex security incidents across teams.
- Collaborate with IT, Compliance, and business sectors to evaluate risks, implement mitigation measures, and support secure digital transformation.
- Update and maintain security policies, procedures, and documentation to meet regulatory and audit requirements.
- Mentor junior cybersecurity personnel and contribute to team knowledge sharing.
**Required Skills**
- 5+ years of cybersecurity experience focused on Microsoft 365 and Azure security technologies.
- In‑depth knowledge of Microsoft Defender XDR, Sentinel, Purview, Intune, Azure AD/Entra ID, and related tooling.
- Hands‑on experience with vulnerability assessment and penetration testing tools (e.g., Kali Linux, Burp Suite, Metasploit).
- Strong understanding of system hardening, configuration security, and Zero Trust principles.
- Familiarity with NIST Cybersecurity Framework and government security standards.
- Excellent analytical, problem‑solving, and communication skills; bilingual fluency in English and French.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience).
- Relevant certifications are an advantage: Microsoft Certified: Security Operations Analyst (SC‑200), Microsoft Certified: Azure Security Engineer Associate, CISSP, or equivalent.