Cybersecurity Operations and Compliance Lead

Introduction

At Deighton Associates Ltd. we dont just build asset management softwarewere redefining the a leader in innovative solutions we offer a workplace where challenge meets opportunity and where your career can grow alongside your ambitions.

Rooted in our dCOREvalues we strive to be better every day earn trust through our actions invest in meaningful relationships own what we do get things done with excellence and remain fiercely committed to our clients success.

Whether youre a student recent grad seasoned professional or someone ready to take on a new challenge in a dynamic and growing industry we have a place for you.

Company

Deighton Associates Ltd. (Deighton) has established itself as one of the world leaders in providing asset management systems and asset management expertise at the strategic tactical and operational levels for agencies around the world. Recognized as the premier software product for infrastructure asset management dTIMS is used to manage large infrastructure networks in Africa Asia Australia Canada Europe New Zealand and the United States. These infrastructure networks include hundreds of thousands of miles of pavements thousands of bridges and millions of wastewater storm water and fresh water distribution pipe assets.

Job Summary

The Information Security Operations Specialist will play a crucial role in maintaining the security and operational integrity of our software development and SaaS operations infrastructure. This role focuses on managing and remediating security alerts from our external SOC while ensuring such efforts do not unduly disrupt software development processes or negatively affect customer SaaS environments. The Specialist will also focus on security-related IT support including access control permissions management and implementation management and lifecycle of Microsoft-Azure based security solutions. This role is integral in supporting ongoing ISO 27001 compliance efforts and contributing to the continuous improvement of our security posture.

Key Responsibilities

• Security Operations & Incident Management; includes activities such as triaging security alerts incident response vulnerability management and proactive threat monitoring
• General IT and Network Infrastructure Support with a Focus on Security; Access Control & Permissions Management management of security solutions and configurations including Intune Purview Defender and related Azure-based security and compliance controls and management and maintenance of security infrastructure components such as VPNs firewalls and endpoint management
• Team and inter-departmental collaboration and communication to ensure that security measures integrate smoothly without hindering project timelines coordination and communication the external SOC vendor and contribute to the communication of security threats changes and security culture
• Compliance with ISO 27001 including process development evidence documentation and audit support
• Efficiently manage and resolve security alerts while minimizing the interruption to the software development lifecycle or hosted customer environments.
• Proactively identify communicate and address vulnerabilities within the companys cloud infrastructure.
• Effectively manage access control and permissions ensuring security best practices are followed primarily focused on M365/E5 related security tools.
• Work collaboratively across departments to balance security needs with operational priorities related to secure coding guidance root cause analysis for security and performance related events and other related activities.
• Contribute to the companys ISO 27001 alignment by developing and maintaining security processes and policies.
• Add to IT team cohesion and the training development and mentoring of peers and juniors.
• Effectively communicate and educate all levels of the organization

Skills:

• Technical Expertise: 5 years of experience in IT support or security operations focusing on managing security incidents and infrastructure in a cloud environment.
• Security Focus: 5 years experience working with SIEM software and/or SOCs triaging and responding to security alerts and managing remediation processes.
• Microsoft Security Solutions: 3 years experience implementing and managing Microsoft-based security solutions such as Intune Microsoft Purview Microsoft Defender and other related Azure security controls.
• Azure Knowledge: 3 years hands-on experience with Microsoft Azure cloud infrastructure and hardening and managing Azure Virtual Machines and Azure SQL managed instances from a security perspective.
• Information Security governance framework experience ideally with ISO 27001 but significant experience implementing or managing security programs aligned with any of the popular frameworks such as NIST COBIT CIS or PCI-DSS would be considered
• IT Support Skills: Strong foundation in managing user access permissions and security configurations across internal systems and tactfully educating users when training or remediation is required.
• Communication: Excellent communication skills to liaise between technical and non-technical teams external vendors and management.
• Supporting Production and Development Environments

What does Deighton Provide

• Competitive compensation vacation and personal time group benefits
• In-house executive Chef Lunch meals prepared and provided 5 days a week.
• A supportive team that encourages and supports professional growth.
• Located in Whitby Ontario- Right off the 401 in the heart of Durham Region
• Company and department employee social events gaming stations in-office
• Working on meaningful and impactful work.
• Matching Group RRSP contributions
• Roll Over Vacation
• Summer golf lessons for beginners
• On-Site parking

Deighton Associates Ltd. is proud to be an Equal Employment Opportunity. We do not discriminate based upon race religion color national origin gender (including pregnancy childbirth or related medical conditions) sexual orientation gender identity gender expression age status as a protected veteran status as an individual with a disability or other applicable legally protected characteristics.