At IMCO, our talent is among the best! IMCO offers a uniquely stimulating and rewarding environment where you can help build and drive organizational transformation, all while seeking to challenge yourself, learn, and grow your career. We offer a culture of collaboration and passion, creating unwavering value for the clients we serve. Our vision is to be the partner of choice for Ontario’s public sector funds and build a high-performing, value-based Asset Management firm in the heart of downtown Toronto. If you are ready to drive best-in-class service, and join a collaborative, motivated, and fun team of professionals, we’re ready to offer you a great place to work with exciting opportunities for growth and development. If you want to use your expertise to drive strategic business outcomes, then we want you at IMCO! IMCO is seeking a highly skilled and experienced Cybersecurity Engineer Lead with deep cybersecurity and cloud technologies expertise to join our forward-thinking IMCO Cybersecurity team! At IMCO, we prioritize a cloud-first approach and cybersecurity excellence in our technology solutions, focusing on agile, optimized productivity and enhanced performance to accelerate our market presence. The Cybersecurity Engineer Lead will be crucial in implementing and maintaining the cybersecurity measures with our overall logical and technical IT architecture. This role demands advanced technical expertise to facilitate seamless collaboration across various teams within the organization, influencing strategic decision-making, project planning, and execution to align system architecture with IT strategy and cybersecurity imperatives. The Cybersecurity Engineer Lead will champion the integration of cyber cloud controls and DevSecOps methodologies and practices, ensuring robust security postures within our cloud environments. Deep expertise in the Microsoft Security Stack is essential to designing secure and resilient architectures that support our digital transformation and cloud adoption goals. As a Member of Our Team, Your Responsibilities Will Include: Strategy & Planning Configure and manage security tools within the cloud environment, ensuring security controls and measures are correctly implemented with a strong focus on cybersecurity and IT infrastructure implications. Integrate security measures into CI/CD pipelines using DevSecOps methodologies to ensure continuous security throughout the development lifecycle. Establish and support solutions to proactively monitor the cloud infrastructure for potential vulnerabilities or threats and promptly respond to security incidents. Collaborate closely with other IT teams to ensure seamless integration of security measures with the cloud systems and applications. Evaluate and enhance IMCO’s IT architecture with a cybersecurity lens, ensuring effective integration of Microsoft Security Stack components. Work closely with the Cyber Security Cloud Architects to implement the security controls and measures they have designed. Conduct comprehensive security assessments and audits of the cloud environment to identify and mitigate risks. Design and oversee the implementation of end-to-end integrated systems with embedded security controls Stay current with the latest cybersecurity trends, tools, and best practices and make recommendations for continuous improvement. Assist in defining and documenting security standards and policies specific to the cloud environment. Participate in incident response activities and contribute to developing incident response plans. Provide guidance and support to other IT teams on cybersecurity best practices. Assist in managing the CyberArk and MS Purview platforms. Operational Management Collaborate with key business and technical stakeholders to define business requirements, emphasizing cybersecurity in systems development. Automate cloud security compliance to improve innovation and efficiency. Mentor and guide cybersecurity best practices to junior team members. What do you need to succeed: University degree in Computer Science, Engineering, Mathematics, related discipline, or equivalent work experience. 5+ years of relevant work experience in cybersecurity, focusing on cloud security. Microsoft Azure certification (e.g., Azure Security Engineer Associate) and additional certifications such as CISSP or CCSP are highly desirable. Security+ certification or equivalent is required. in-depth knowledge of cloud platforms (such as Microsoft Azure) and their security features and controls. Proficiency in configuring and managing security tools within the cloud environment. Proficiency in the architectural principles of cloud-based platforms (IaaS, PaaS, SaaS) with a cybersecurity perspective. In-depth experience with Microsoft Azure cloud technologies and the Microsoft Security Stack. Knowledge of security AI-enabled applications and GenAI threat detection tools. Familiarity with Workday and similar SaaS solutions and their security aspects is a strong asset. Experience in Information security and cyber frameworks (NIST CSF 2.0) Advanced understanding of DevSecOps practices. Solid knowledge of network security technologies, hardware platforms, and operating systems. Knowledge of CyberArk CPM/PSM operations and management is desirable. Excellent problem-solving skills and the ability to work under tight deadlines. We thank all applicants, however, only those selected for an interview will be contacted. Our hybrid work model offers flexibility and provides our employees with the opportunity to lead a well-balanced life. Our Corporation’s offices located at 16 York Street, Suite 2400, Toronto, ON M5J 0E6 provide a welcoming space for employees to gather, work collaboratively, and grow together. IMCO is committed to providing accommodation for people with disabilities in its recruitment process. Please advise IMCO if you require an accommodation and we will work with you to meet your needs. Candidates being considered for this position will be required to submit to a background screening. The Investment Management Corporation of Ontario (IMCO) is Ontario’s professional asset manager, investing on behalf of our public sector clients so they can care for beneficiaries and secure retirement futures. With approximately $86 billion in assets under management, we are one of the largest institutional investment managers in Canada and around the globe. Our mandate is to provide broader public sector clients with exceptional investment management services, including best-in-class advice around portfolio construction, efficient access to a diverse range of asset classes and superior reporting on risks and returns. Our vision is to rank among the world’s leading public-sector asset managers. We will achieve this through an unwavering focus on creating client value. That means ensuring that we deliver the returns required for our clients to meet their long-term financial obligations.
