BDO Canada LLP is seeking an experienced Senior Consultant or Manager to join the join the Cloud Security Team in BDO’s Cybersecurity Engineering practice in Canada. The successful candidate will contribute to a rapidly expanding practice that evaluates the security posture of organizations through cloud security reviews. If you are passionate about cloud security and are looking for a challenging and rewarding career, this is the right opportunity for you. Our people are our most valuable asset and we encourage career growth and development opportunities for every individual on our team.
As a Consultant or Senior Consultant in the Cloud Security Team, your responsibilities will include:
- Assist in review of infrastructure design on premise and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture)
- Perform reviews on Cloud security engagements during different phases of the lifecycle – assess, design, and implementation, and produce high quality threat models for cloud environments clearly articulating risks.
- Participate in the creation of firm security documents (operational frameworks, policies, standards, baselines, guidelines, and procedures) specific to cloud environments.
- Educate and communicate cloud security requirements, policies, standards and procedures to business/internal stakeholders as it relates to projects and strategic initiative
- Assess and implement industry-leading security solutions and practices around cyber risks and Cloud security for clients
- Work with multiple cloud service providers including Amazon Web Services, Microsoft Azure and Google Cloud Platform, and various security vendors to understand their solution offerings and advise clients on appropriate technologies and architectures, based on their needs
- Research and improve your knowledge base of current cloud technology advancements, trends and directions and identify the potential threats and exposures to our clients.
- Serve as an intermediate cyber security consultant to our various clients and team initiatives as it relates to new cloud platforms and emerging cloud technologies.
- Demonstrate a sound understanding of zero trust design and implementation for the Cloud
- Review security-related events, assessing risk and validity, as well as reporting on security postures and recommending corrective actions when required
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Demonstrate an understanding of the client environment and overall project scope
- Organize and deliver services on a cross-section of complex projects
- Actively participate in the development of business and vendor relationships
- Participate and lead aspects of the proposal development process
- Manage day-to-day interactions with clients and internal BDO team
- Proactively seek guidance, clarification, and feedback
- Keep leadership informed of progress and issues; and
- Sustain a high level of drive, show enthusiasm and a positive attitude when coping with pressure at work.
How do we define success for your role?
- You demonstrate BDO’s core values through all aspect of your work: Integrity, Respect and Collaboration
- You understand your client’s industry, challenges, and opportunities; clients describe you as positive, professional, and delivering high quality work
- You identify, recommend, and are focused on effective service delivery to your clients
- You share in an inclusive and engaging work environment that develops, retains & attracts talent
- You actively participate in the adoption of digital tools and strategies to drive an innovative workplace
- You grow your expertise through learning and professional development.
Your experience and education
- Knowledge and experience with various facets of cloud security, including access management, monitoring, auditing, preventative architectures, data encryption and mitigation.
- Good understanding of basic networking concepts/principles (routing, switching, IP addressing etc.) and common services/protocols is important
- Knowledge of application security concepts and overall application design and architecture
- Good understanding of Cloud security reference architecture, Cloud security preventative, monitoring, and process controls
- Familiarity with security assessment and audit standards for the Cloud – Cloud Security Alliance CCM, CIS, NIST Cloud Reference Architecture
- Knowledge of security threats in the Cloud and how to remediate and implement controls
- Strong knowledge of container technologies such as Docker
- Strong knowledge of 1 or more of AWS, Azure and Google Cloud
- Ability to work independently
- Ability to manage small engagements or work streams and multiple team members with confidence
- Experience with scripting tools on Windows and Linux (e.g. PowerShell, Python, Ruby, etc.)
- Experience managing senior-level client relationships
- Experience presenting to clients or other decision makers to present and sell ideas to various audiences (technical and non-technical)
- Strong knowledge of technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management
- Strong knowledge of cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, Canadian Center for Cybersecurity
- Pre-sales, proposal, and RFP experience
- Past experience working with public sector
- Must be able to obtain and maintain required clearance for this role
One or more of the following:
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Solution Architect/DevOps Product owner (Azure, AWS, GCP)
- Cloud certifications such as Azure Fundamentals, Azure Security Engineer, AWS Technical Essentials
Our firm is committed to providing an environment where you can be successful in the following ways:
- We enable you to engage with the firm’s strategic plan, and be a key contributor to the success and growth of the firm.
- We help you be the best professional you can be in our services, industries and markets.
- Achieve your personal goals outside of the office and make an impact on your community.
Giving back, it adds up: Where company meets community. BDO is actively involved in our communities by supporting local charity initiatives. We support staff with local and national events where you will be given the opportunity to contribute to your community.
Total rewards that matter: We pay for performance with competitive total cash compensation that recognizes and rewards your contribution. We provide flexible benefits from day one, and a market leading personal time off policy. We are committed to supporting your overall wellness beyond working hours, and provide reimbursement for wellness initiatives that fit your lifestyle.
Everyone counts: We believe every employee should have the opportunity to participate and succeed. Through leadership by our Chief Inclusion and Diversity Officer, we are committed to a workplace culture of respect, inclusion, and diversity. We recognize and celebrate the valuable differences among each of us, including race, religious beliefs, physical or mental disabilities, age, place of origin, marital status, family status, gender or gender identity and sexual orientation. If you require accommodation to complete the application process, please contact us.
Ready to make your mark at BDO? Click “Apply now” to send your up-to-date resume to one of our Talent Acquisition Specialists.
To explore other opportunities at BDO, check out our careers page.