Description
The Cloud Business Office is seeking a security-focused Team Lead to operate, secure, and continuously improve our Azure and Google Cloud Platform (GCP) landscape through implementing strong operational process, hands-on coding, and delivery leadership. You will own day-to-day operations; help to set standards and guardrails; and lead projects end-to-end with an automation-first mindset. As a technical leader, you'll coach team members and drive context-appropriate and fit-for-purpose cloud outcomes.
YOU'LL HAVE THE OPPORTUNITY TO:
Process Excellence & Operations
Design, implement, and run robust cloud operating processes: on‑call rotations, incident & problem management, change management (normal/standard/emergency), release gating, production readiness reviews, and blameless postmortems with actionable follow‑ups.
Establish runbooks, OLAs/SLOs, RACIs, ADRs, and quality gates for platform changes; ensure SOX compliance
Maintain a service catalog
Site Reliability Engineering & Automation
Define and track SLIs/SLOs and error budgets for key services; drive MTTR reduction and change failure rate improvements.
Standardize Infrastructure as Code (Terraform modules), policy‑as‑code (Azure Policy, GCP Org Policies, OPA/Gatekeeper), and CI/CD pipelines (GitHub Actions/Azure DevOps/Cloud Build) with drift detection and auto‑remediation.
Build reusable automation for landing zones, networks, and AKS/GKE; enforce Zero Trust IAM hygiene (least privilege, PIM/PAM, workload identities).
Security & Compliance
Own cloud security posture (CSPM), SIEM/SOAR integration, vulnerability management, and secrets/key management (Key Vault / Secret Manager / KMS).
Implement secure‑by‑default guardrails and continuous compliance checks.
Hands-on Engineering
Write and review code: Terraform (mandatory), Go/PowerShell for automation, pipelines, policy tests
Build auto‑remediation functions, CLI tools, and integrations (SSO/SCIM; tagging/FinOps APIs); instrument telemetry (logs/metrics/traces) and dashboards.
Enforce secure SDLC practices: code reviews, unit/integration tests, IaC/security scanning, secrets hygiene, and Git workflows.
Delivery Leadership
Serve as technical lead for projects by contributing to reference architectures, controls, and paved paths
Orchestrate cross‑functional delivery (security, platform, network, data, app teams; vendors), remove impediments, and keep outcomes front‑and‑center.
FinOps
Implement tagging standards, showback/chargeback, budgets/alerts, rightsizing, and commitment optimization (Reservations/Savings Plans/CUDs).
Operate rolling forecasts and transparent unit economics; apply FinOps principles to empower teams within global guardrails.
Culture & Enablement
Coach team members in automation and secure patterns; lead inclusive decision forums (ops reviews, risk/cost councils) with documented outputs.
Publish training, playbooks, and templates; increase adoption of paved paths and reduce variance across product teams.
YOU'LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:
Required
7+ years operating production Azure and GCP services; 3+ years in cloud security with demonstrated scale.
Experience with a variety of cloud architectures (web/database, API/Microservices, k8s, big data, AI platforms, etc)
Deep automation experience with Terraform (module design, environments, state, testing) and CI/CD (GitHub Actions/Azure DevOps/Bitbucket); scripting in PowerShell/Go
SRE proficiency: SLIs/SLOs, error budgets, incident/postmortem practices, observability (Azure Monitor/Log Analytics, Cloud Logging/Monitoring, Prometheus/Grafana, OpenTelemetry).
Security depth: IAM (Entra ID/Google Cloud IAM, PIM/PAM, workload identity), KMS/Key Vault/Secret Manager, network segmentation (hub‑and‑spoke, Private Link/Service Connect), CSPM/SIEM, vulnerability management.
Proven process design & execution: on‑call, incident/problem/change management, production readiness, audit evidence, and runbook quality.
Demonstrated ability to code and deliver: building automation/pipelines, testing and scanning, deploying secure changes, and leading releases end‑to‑end.
Strong leadership, facilitation, communication, and stakeholder management; habit of documenting ADRs, guardrails, and playbooks.
Preferred
Manufacturing/OT/IoT exposure; secure connectivity and segmentation patterns; integration experience with enterprise SaaS (SAP, ServiceNow, Salesforce) using SSO/SCIM.
Certifications: CCSK, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CISSP/CCSP, CKA/CKS
ACKNOWLEDGING THE POWER OF DIVERSITY
BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!
For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.
AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.
Let’s start with a strong foundation - You want it, we have it:
Annual bonus based on the company’s financial results
Generous paid time away
Pension plan
Collective saving opportunities
Industry leading healthcare fully paid by BRP
What about some feel good perks:
Flexible work schedule
A summer schedule that varies by department and location
Holiday season shutdown
Educational resources
Discount on BRP products
WELCOME TO BRP
We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.
