Information Security Lead

DO NOT POST.

Job Title: Information Security Lead

Contract Type: Permanent

Location: Toronto, Ontario

In office 1 day a week

Role Overview

Our client alaw firm is seeking an Information Security Lead responsible for the security, integrity, and availability of information assets. This role drives the design, implementation, and continuous improvement of security controls across people, processes, and technology.

Key Responsibilities

Security Architecture & Cloud Security

• Lead security architecture across on-premises and cloud environments.
• Design and implement secure solutions for infrastructure, cloud platforms, identity, and networks.
• Advise technical teams to embed security into systems and operations.
• Support secure adoption of Microsoft Azure and its security capabilities.
• Develop cloud security guardrails, policies, and monitoring.
• Monitor emerging threats and improve overall security posture.
• Mentor security team members.

Security Operations & Incident Response

• Oversee daily security operations, monitoring, and threat detection.
• Act as escalation point for incidents and vulnerabilities.
• Lead incident response, remediation, and recovery efforts.
• Improve response playbooks and conduct simulations.
• Manage vulnerability assessments, penetration testing, and remediation.
• Optimize security tools (SIEM, endpoint, network security).

Data Protection & DLP

• Support data protection programs including classification and DLP.
• Implement controls to protect sensitive data across systems.
• Configure and manage DLP policies.
• Collaborate with legal and compliance teams.
• Respond to data protection incidents and alerts.

Governance & Compliance

• Develop and maintain security policies and standards.
• Support audits, assessments, and compliance initiatives.
• Report on security risks, metrics, and program maturity.

Skills & Competencies

• Strong expertise in security architecture and cloud security (Azure).
• Knowledge of Zero Trust and identity-based security models.
• Experience with SIEM, endpoint, network, and CASB/SSE platforms.
• Solid understanding of data protection and DLP.
• Strong analytical, problem-solving, and communication skills.
• Ability to lead, mentor, and collaborate across teams.
• Capable of handling high-pressure security incidents.

Education & Experience

• Degree in IT, Computer Science, Cybersecurity, or equivalent experience.
• 8+ years in IT, with strong cybersecurity focus.
• 6+ years in security roles, including 3+ years in leadership.
• Extensive experience with Microsoft Azure security.
• Hands-on experience with security tools (e.g., Defender, Sentinel).
• Experience with vulnerability management and cloud security integration.
• Familiarity with frameworks (NIST, ISO 27001, MITRE ATT&CK).
• Relevant certifications (CISSP, CISM, GIAC, ISACA, Microsoft) preferred.

Fluid thanks you for your interest in this opportunity. However, only candidates with the required qualifications will be contacted.

Fluid adheres to the principles of equal employment opportunity and affirmative action. We welcome and encourage diversity in our workplace.

Candidates must be eligible to work in Canada.