Cybersecurity Specialist

 Introduction

While being one of the companies leading the way in the development and implementation of asset management software worldwide, Deighton also provides career diversity in combination with challenging growth opportunities. Our core values include people first, collaborative, and respectful corporate culture, customer commitment, partnering for excellence, flexible, and versatile product offerings, leadership focus, and a commitment to being eco-friendly. Whether you are a student, a recent graduate, an experienced professional, or someone looking to expand your career in a dynamic industry there is a place for you here at Deighton! With steady growth Deighton has established a global presence and is expanding our reach continuously. Join our team today and help make an impact on a positive legacy for generations to come!

Company

Deighton Associates Ltd. (Deighton) has established itself as one of the world leaders in providing asset management systems and asset management expertise at the strategic, tactical, and operational levels for agencies around the world. Recognized as the premier software product for infrastructure asset management, dTIMS® is used to manage large infrastructure networks in Africa, Asia, Australia, Canada, Europe, New Zealand, and the United States. These infrastructure networks include hundreds of thousands of miles of pavements, thousands of bridges, and millions of wastewater, storm water, and fresh water distribution pipe assets.

Job Summary

The Information Security Engineer will play a crucial role in maintaining the security and operational integrity of our software development and SaaS operations infrastructure. This role focuses on managing and remediating security alerts from our external SOC while ensuring such efforts do not unduly disrupt software development processes or negatively affect customer SaaS environments. The Specialist will also focus on security-related IT support, including access control, permissions management, and implementation, management and lifecycle of Microsoft-Azure based security solutions. This role is integral in supporting ongoing ISO 27001 compliance efforts and contributing to the continuous improvement of our security posture.

Key Responsibilities

• Security Operations & Incident Management; includes activities such as triaging security alerts, incident response, vulnerability management and proactive threat monitoring
• General IT and Network Infrastructure Support with a Focus on Security; Access Control & Permissions Management, management of security solutions and configurations including Intune, Purview, Defender, and related Azure-based security and compliance controls, and management and maintenance of security infrastructure components such as VPNs, firewalls, and endpoint management
• Team and inter-departmental collaboration and communication to ensure that security measures integrate smoothly without hindering project timelines, coordination and communication the external SOC vendor, and contribute to the communication of security threats, changes and security culture
• Compliance with ISO 27001 including process development, evidence documentation, and audit support
• Efficiently manage and resolve security alerts while minimizing the interruption to the software development lifecycle or hosted customer environments.
• Proactively identify, communicate and address vulnerabilities within the company’s cloud infrastructure.
• Effectively manage access control and permissions, ensuring security best practices are followed, primarily focused on M365/E5 related security tools.
• Work collaboratively across departments to balance security needs with operational priorities related to secure coding guidance, root cause analysis for security and performance related events, and other related activities.
• Contribute to the company’s ISO 27001 alignment by developing and maintaining security processes and policies.
• Add to IT team cohesion, and the training, development and mentoring of peers and juniors.
• Effectively communicate and educate all levels of the organization

Skills:

• Technical Expertise: 5+ years of experience in IT support or security operations, focusing on managing security incidents and infrastructure in a cloud environment.
• Security Focus: 5+ years experience working with SIEM software and/or SOCs, triaging and responding to security alerts, and managing remediation processes.
• Microsoft Security Solutions: 3+ years experience implementing and managing Microsoft-based security solutions such as Intune, Microsoft Purview, Microsoft Defender, and other related Azure security controls.
• Azure Knowledge: 3+ years hands-on experience with Microsoft Azure cloud infrastructure and hardening and managing Azure Virtual Machines and Azure SQL managed instances from a security perspective.
• Information Security governance framework experience, ideally with ISO 27001, but significant experience implementing or managing security programs aligned with any of the popular frameworks such as NIST, COBIT, CIS or PCI-DSS would be considered
• IT Support Skills: Strong foundation in managing user access, permissions, and security configurations across internal systems, and tactfully educating users when training or remediation is required.
• Communication: Excellent communication skills to liaise between technical and non-technical teams, external vendors, and management.
• Supporting Production and Development Environments

What does Deighton Provide?

• Competitive compensation, vacation and personal time, group benefits
• In-house executive Chef – Lunch meals prepared and provided 5 days a week.
• A supportive team that encourages and supports professional growth.
• Located in Whitby, Ontario- Right off the 401 in the heart of Durham Region
• Company and department employee social events + gaming stations in-office
• Working on meaningful and impactful work.
• Matching Group RRSP contributions
• Work From Anywhere Globally
• Roll Over Vacation
• Summer golf lessons for beginners
• On-Site parking
• Global travel opportunities

Deighton Associates Ltd. is proud to be an Equal Employment Opportunity. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.