Cybersecurity and Cloud Infrastructure Specialist

About Futurpreneur

Futurpreneur is a national non-profit organization that empowers young, diverse entrepreneurs, ages 18-39 to start, buy or grow their businesses in Canada, by providing loans with mentorship and resources.

Founded in 1996, we have helped more than 18,700 young entrepreneurs, promoting entrepreneurship among Canadian youth as a critical pillar for diversifying the economy, generating employment opportunities, and fostering a sustainable future.

Futurpreneur is a founding member of the G20 Young Entrepreneurs’ Alliance, the Canadian member of Youth Business International and the Canadian host of Global Entrepreneurship Week (GEW). 

Our Purpose (why we exist): To drive inclusive Canadian prosperity by fostering the success of young entrepreneurs

Our Mission (what we do every day to achieve our purpose):To empower diverse entrepreneurs ages 18-39 by providing loans with mentorship and resources to help them start and buy businesses that contribute to sustainable and inclusive economic prosperity, in their communities and across Canada.

Our Values (how we work – our core principles & commitments): We are mission-driven, collegial & collaborative, diverse & inclusive, and accountable & transparent.

Here’s the opportunity: Cybersecurity and Cloud Infrastructure Specialist

The Cybersecurity and Cloud Infrastructure Specialist will be responsible for securing and managing both on-premises and cloud-based assets. They will assist in the design, implementation, and maintenance of security policies and controls that align with industry standards and regulatory requirements, ensuring the protection of sensitive data and systems. Additionally, they manage the deployment of security measures, such as encryption, firewalls, and intrusion detection systems, within Azure and other Microsoft cloud services, continuously monitoring for anomalies and potential threats.

Reporting to the IT Manager, the Specialist is a hands-on, proactive cybersecurity professional who excels in technical execution and has deep expertise in threat detection, vulnerability management, and incident response across hybrid environments. The incumbent is a true team player who can provide solid recommendations to the IT Manager and IT team on how to optimize existing and new technology to benefit business operations. They will have to stay ahead of emerging threats, adapt to evolving cloud technologies, and coordinate with cross-functional teams to integrate security seamlessly into all aspects of the cloud infrastructure.

This is a permanent, full-time position located in Toronto, ON. The incumbent will be working on our hybrid work model (minimum 2 days in the office per week). 

Threat & Vulnerability Management (40%)

• In collaboration with the IT Manager, oversee the deployment, configuration, and management of Tenable solutions across the organization. 
• Mitigate threats found in penetration tests.
• Regularly conduct vulnerability scans and assessments, analyze results, and develop remediation plans. 
• Ensure timely patch management and risk mitigation strategies in response to identified vulnerabilities. 
• Manage and maintain EPP, EDR, and XDR solutions to ensure comprehensive endpoint security across all devices (including ensuring real-time monitoring and response capabilities). 
• Develop and maintain threat hunting protocols, leveraging EDR/XDR capabilities to identify potential risks. 
• Implement policies for malware detection, prevention, and response. 
• Conduct regular security assessments, identifying vulnerabilities and areas for improvement. 
• Stay updated on the latest cybersecurity trends and technologies, recommending enhancements to existing security posture. 
• Work closely with MDR providers to monitor, detect, and respond to security incidents. 
• Coordinate incident response activities with MDR teams, ensuring effective risk mitigation. 
• Review and analyze MDR reports, implementing recommended security improvements. 
• Investigate and respond to endpoint security incidents, coordinating with other IT, business teams, and staff as necessary. 
• Administer and monitor IDS/IPS solutions, ensuring real-time detection and prevention of security threats. 
• Analyze IDS/IPS alerts, coordinating incident response efforts as needed. 
• Assist in the development and execution of incident response plans, ensuring rapid and effective responses to security incidents. 
• Document and report on incidents, providing insights for continuous improvement of security measures.

Cloud Infrastructure & SaaS Administration (40%) 

• Administer and secure cloud environments, including IaaS, PaaS, and SaaS platforms. 
• Implement cloud security best practices, including data encryption, access controls, and network security. 
• Regularly audit cloud environments for security compliance and risk management. 
• Configure and maintain Smarthost servers to ensure secure and reliable email routing. 
• Monitor email traffic for security threats, spam, and phishing attempts, implementing necessary countermeasures. 
• Ensure compliance with organizational email security policies and industry standards. 
• Manage and secure Microsoft Azure environments, including Entra ID resource groups, and subscriptions, by implementing Azure policies and governance frameworks that align with organizational security standards.
• Manage Microsoft Intune policy configuration.
• Develop and enforce IAM policies, ensuring proper user authentication, authorization, and access control. 
• Implement and manage SSO solutions, ensuring seamless and secure user access to multiple applications. 
• Regularly review and audit access controls, ensuring compliance with security policies and regulatory requirements. 
• Manage and secure mobile devices accessing organizational resources through MDM solutions. 
• Enforce security policies for mobile devices, including encryption, remote wipe, and secure app deployment. 
• Monitor mobile device usage, ensuring compliance with organizational security standards. 
• Implement and manage DLP solutions to prevent unauthorized access and exfiltration of sensitive data. 
• Enforce and monitor DLP policies, ensuring protection of data across all endpoints, networks, and cloud services. 
• Monitor ACL usage, ensuring compliance with organizational security standards. 
• Ensure all cybersecurity and cloud operations comply with relevant industry standards, regulations, and organizational policies. 
• Regularly audit systems and processes for compliance, addressing any gaps or nonconformities. 
• Prepare for and participate in security audits, providing necessary documentation and support when needed. 

Server & Network Administration (20%)

•  Be responsible for the administration of the following:
• Active Directory (ADUC, site replications, AD Connect, DNS, Meta Data cleanup, GPO implementation, etc.). Windows Server (DHCP, DNS, MMC, IIS, Server Manager, etc.). 
• VMware (VM setup, monitoring, etc.). Veeam local, cloud and O365 Backup Administration.
• SSL setup and configuration (new, renewals, wildcard). 
• Recommend data-center optimization or rebuild (i.e. updated visualization, Azure, etc.) 
• Succession planning for legacy Windows server O/S (i.e. Windows 2008, 2012, etc.). 
• Administer organizational networks (multiple sites, public / private Wi-Fi, ACL's, IPsec VPN, Client VPN, etc.). 
• Troubleshoot and diagnose network errors or failures. 
• Maintain and configure networking hardware (i.e. AP's, Sensors, Switches, etc.) 
• Perform upgrades to network equipment. 
• Monitor IT systems to provide recommendations to IT Manager / team on IT efficiencies as well as working with the IT team to improve systems and processes. 
• Utilize monitoring software to establish benchmark performance (i.e. CPU, Memory, Disk) utilization and proactively identify potential issues or opportunities for improvement. 
• Develop, manage, review, and update Access Control Lists (ACLs) to control and monitor access to networks, systems, and applications, ensuring compliance with organizational security standards and current security policies.

Requirements

What you will have:     

• Relevant experience may include education with a focus in Computer Science or a closely related IT field, or equivalent hands-on career experience
• 5 years' experience in a similar IT role supporting systems, networks, and data
• Expertise in Threat Detection and Mitigation, Security Information and Event Management (SIEM), Vulnerability Management, Incident Response, Network Security, Identity and Access Management (IAM), and Endpoint Security
• Experience administering systems based on Compliance and Regulatory Requirements
• Strong cloud infrastructure skills, including Cloud Platforms (Microsoft Azure, AWS, GCP), Cloud Security Best Practices, Cloud Identity and Access Management, Cloud Monitoring and Logging, Data Protection in the Cloud, Automation and Scripting, Cloud Incident Response, and Container and Microservices Security
• Certifications such as CCSP, OSCP, CompTIA Security+, CCNA, AZ-900, AZ-104, AZ-305, VCP, ITIL v4 Foundations are considered assets
• Analytical thinker with excellent communication skills and the ability to collaborate with all levels of an organization
• Continuous learner with a proactive, ‘can-do’ attitude that sets a positive example
• Strong sense of responsibility and accountability, with the ability to work independently and as part of a team
• Proven customer service experience with a proactive approach
• Ability to multi-task, prioritize effectively, and meet deadlines in a fast-paced environment
• Self-motivated and confident, with a demonstrated initiative to seek out solutions to challenges
• Previous experience in a not-for-profit environment is considered an asset
• Bilingualism in French & English (spoken & written) – an asset
• Alignment with Futurpreneur’s values and commitment to the mission/purpose of the organization.
• Be a role model for Futurpreneur’s organizational culture by creating a positive impact at every touchpoint with people.

HOW TO APPLY: 

Qualified candidates are invited to submit their resume, cover letter and salary expectations by May 12, 2025

Benefits

What we offer:

At Futurpreneur, we offer a comprehensive Total Rewards package designed to support your well-being, professional growth, and work-life balance.

Our package includes a fair base salary, extensive health and dental benefits, and a supportive, flexible work environment.  

We embrace a hybrid work model with flexible hours, a work-from-abroad policy, and generous time off—including paid vacation, personal days, summer hours and a December office closure.  

We are dedicated to ensuring fair, competitive, and transparent compensation. Salaries are regularly reviewed and benchmarked to uphold internal equity and reflect our values. The salary range for this role is $90,000 - $95,000 per annum. 

To prioritize health and wellness, we provide comprehensive health and dental coverage, a health spending account, mental wellness support, and a RRSP matching program. We also invest in learning and development through a learning allowance, a coaching program, and access to an e-learning platform. 

#LI-CM1 #LI-HYBRID