Sr Cybersecurity Engineering Manager (Hands-On | Azure, AppSec) to ensure digital and operational infrastructure remains secure, resilient, and compliant.

Our client is a Global Leader in the Consumer Packaged Goods space. Sr Cybersecurity Engineering Manager (Hands-On | Azure, AppSec) to ensure digital and operational infrastructure remains secure, resilient, and compliant.

• 3 days onsite - downtown Toronto

About the Role:

They are seeking a hands-on Cybersecurity Engineering Manager to lead a small, high-performing team of three (Cybersecurity Engineer, Specialist, and Analyst), overseeing cybersecurity operations across IT environments.

This role blends technical leadership, hands-on system administration, and strategic oversight to ensure our digital and operational infrastructure remains secure, resilient, and compliant.

You will be responsible for administering all cybersecurity tools, managing the vulnerability management program, overseeing patching efforts (in collaboration with IT), and ensuring secure DevOps practices.

• 1-2 years of experience in security team management or direct oversight of security operations.
• Strong understanding of firewall configuration and network segmentation principles.
• Experience working with cloud security tools (e.g., Microsoft Defender for Cloud, Azure Security Center).
• Strong Firewall Security, Cloud security and security tool governance.
• Proven ability to define and implement security policies and controls across hybrid environments.

• Review and audit existing firewall rules; identify and remove obsolete or unused rules.
• Design and implement new firewall rules based on the principle of least privilege and business segmentation requirements.
• Ensure firewall policies are compliant with organizational security standards and regulatory mandates.

• Define and apply cloud security controls aligned with industry benchmarks (CIS/NIST) and compliance needs.
• Enable and manage cloud security features such as Just-in-Time VM access, vulnerability scanning, and endpoint protection.
• Create and maintain security policies across cloud subscriptions, workloads, and resources.

• Develop and manage access policies, role-based access control (RBAC), and permission schemes.
• Document and enforce security control standards to ensure consistent security posture.
• Align security tools and configurations with internal governance frameworks and best practices.