Microsoft Azure Cloud Security Lab Development- ON-430

Discipline(s) souhaitée: Génie - informatique / électrique, Génie, Informatique, Sciences mathématiques
Entreprise: KBE Information Security Inc.
Durée du projet: 4 to 6 months
Preferred start date: As soon as possible.
Langue exigée: English
Emplacement(s): Toronto, ON, Canada; Canada
Nombre de postes: 1
Établissements préférés: Université Ontario Tech

Rechercher dans les réseaux internationaux de Mitacs - cochez cette case si vous souhaitez recevoir des profils de chercheurs basés à l’extérieur du Canada: 

Au sujet de l’entreprise: 

KBE is a global consulting firm, with offices in Toronto and which specializes in the area of IT and information security. KBE Security Solutions and Consulting Services approach is comprehensive: we provide services that range from value added security implementation, risk and threats assessment, to security governance and program management.

Our KBE specialists –dedicated to the field and holding over 200 cybersecurity certifications- are committed to serving clients at each stage of the journey, helping them in developing solutions specific to their needs, and integrating those into IT environments in a way that best supports business objectives. Our experts have the right combination of business and technology backgrounds to provide our clients with appropriate solutions for data and information security needs.

Here at KBE we strongly believe that mere knowledge is not enough to win today's challenges. Knowledge needs to be combined with values such as responsibility, courage, sincerity, imagination, dedication and resilience in order to develop the best solutions.

Veuillez décrire le projet.: 

The project is to build an information security laboratory based on Microsoft Azure cloud solutions, in order to test and study different security implementations and configurations.  The goal is to design, implement and manage the most secure cloud environment possibile.

This role will be focal to define, document, ensure completeness and correctness of implemented technical and process controls related to the technical security controls implemented on MS Azure Cloud environement.

Some of the tasks the researcher will work on:

  • Direct and provide hardening guidance for cloud services of Microsoft Cloud Service Provider
  • Develop, implement, monitor and enhance data security policies, procedures, and standards related to MS Azure Cloud
  • Performing in-depth risk assessments to ensure that the security safeguards and controls are in-line with our security policy and standards
  • Review Cloud infrastructure design (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture)
  • Review the infrastructure & microservices design against different security regulatory, industry, and internal standards such as CSA Cloud Control Matrix, NIST,  and identify the necessary security architecture requirements
  • Ensure a "single pane of glass" into cloud controls and full automation of cloud controls in the eco system of MS Azure Cloud is automated from implementation, reporting and remediation perspective
  • Research, create, develop, and enforce security policies, standards, and procedures to ensure the protection of the organization's security and systems as specified by the NIST/CIS/CSA control frameworks

Expertise ou compétences exigées: 

  • Associate degree in Computer Science or Information Technology required
  • Expertise in designing and implementing solutions that run on Microsoft Azure, including aspects like compute, network, storage, and security
  • Intermediate-level skills for administering Azure preferred
  • Understanding Azure development and DevOps processes
  • Knowledge of IT security and risk disciplines and practices
  • Knowledge on deploying scalable virtualized infrastructures
  • Information Security Certification / Accreditation an asset
  • Knowledge of network topologies (LAN, WAN, WLAN, VLAN, VoIP, Subnets), Routing Protocols (RIP, OSPF, QOS, Static Routing), Firewall and Security Technologies (Access Lists, VPN\IPsec\SSL, NAT, Content Filtering)
  • Familiarity with a wide range of systems and security tools including Windows Servers, Office 365, Active Directory
  • Knowledge of application transport and network infrastructure protocols; Application layers (OSI model) is preferred
  • Knowledge of Scripting Languages (PowerShell, Python, Json) preferred
  • Strong problem-solving and verbal/written communication skills
  • Ability to create network diagrams and documentation
  • Ability to quickly learn new or unfamiliar technologies (software, hardware)
  • Ability work independently but comfortable working in a team environment
  • Dependable and flexible when necessary
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement