Information Security Analyst

Bond is proudly recognized as a Great Place to Work and Best Managed Company. We’re 800(ish) people working tirelessly together to make the world a more loyal place. You’ll be joining a hyper-talented team with a galaxy of skill sets ranging from research to creative to digital and beyond. You’ll have an excellent opportunity to grow, learn and make an impact as we tackle some of our client’s biggest business challenges.

At Bond, we are proud to be a diverse organization, and we are committed to building and fostering an environment where our employees feel included, valued, and heard. Our belief is that a strong commitment to diversity and inclusion enables us to truly create equal opportunity and positive employment experiences for everyone. We encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities, and people with intersectional identities.

Please connect with our People & Values team should you require any accommodation.

We are seeking a seasoned Information Security Analyst with expertise with supporting clients and Microsoft Azure security to join our growing Information Security team. You will be responsible for securing cloud-based systems, identifying vulnerabilities, assessing risks, and leading the implementation of security controls across our Azure environment. This is a hands-on role that involves working closely with our Engineering, Infrastructure, DevOps, and Compliance teams to ensure the confidentiality, integrity, and availability of our systems and data. 

  Key Responsibilities 

• Design, implement, and manage security controls for Microsoft Azure environments using native tools and third-party integrations. 
• Monitor Azure Security Center, Defender for Cloud, Sentinel, and related tools to detect, investigate, and respond to security incidents. 
• Support client-facing security initiatives, including conducting assessments, presenting findings, and implementing security solutions tailored to client environments. 
• Act as a security advisor for client engagements, ensuring solutions meet both regulatory requirements and business needs. 
• Perform risk assessments, threat modeling, and vulnerability management on Azure-hosted and on-premises workloads. 
• Collaborate with engineering and architecture teams to integrate security into cloud-based application and infrastructure deployments (DevSecOps). 
• Maintain and enforce security policies, standards, and best practices in line with industry frameworks (e.g., NIST, CIS, ISO 27001). 
• Assist with the conducting of audits and assessments to ensure compliance with regulatory requirements (e.g., PCI, GDPR, HIPAA, SOC 2). 
• Provide guidance and mentorship to junior analysts and participate in security training initiatives. 
• Stay up to date with the latest threats, vulnerabilities, and Azure security capabilities and recommend improvements to existing security posture. 
• Manage and oversee the implementation of penetration tests and other assessments. 
  
  

  Required Qualifications 

• Bachelor’s degree in computer science, Information Security, or related field (or equivalent experience). 
• 5+ years of experience in information security, with at least 3 years focused on Microsoft Azure. 
• Strong understanding of Azure IAM, networking, encryption, logging, and monitoring. 
• Proven experience supporting client security initiatives, including stakeholder communication, documentation, and delivery of technical security solutions. 
• Proficiency with Azure-native security tools: Microsoft Defender for Cloud, Azure Security Center, Azure Sentinel, Microsoft Purview, Azure Policy, etc. 
• Experience with security incident response and threat hunting in Azure environments. 
• Experience in performing risk assessments. 
• Experience in working independently or as part of a large team to deliver cloud security services on its own or within large complex projects. 
• Familiarity with securing REST and SOAP Application Programming Interfaces (APIs). 
• Strong understanding of security controls such as MFA, DLP, Firewalls, and PAM. 
• Strong grasp of compliance frameworks relevant to cloud security. 
• Relevant certifications: AZ-500, SC-200, CISSP, or equivalent experience.