Security Engineer II

CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. CBTS combines deep technical expertise with a full suite of flexible technology solutions--including Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, CBTS delivers comprehensive technology solutions for its clients' transformative business initiatives.

For more information, please visit  .

OnX is a leading technology solution provider that serves businesses, healthcare organizations, and government agencies across Canada. OnX combines deep technical expertise with a full suite of flexible technology solutions—including Generative AI, Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, OnX delivers comprehensive technology solutions for its clients’ transformative business initiatives.

For more information, please visit .

The mission of the CBTS Corporate Security Team is to protect our organization’s people, assets, and information, while supporting continued innovation and the delivery of advanced technology products and services to our customers.

• Develop and execute strategies to prevent unauthorized data access or exfiltration by leveraging endpoint, network, and cloud DLP systems
• Implement and maintain application allow listing policies to restrict execution of unauthorized or risky software
• Collaborate with technical and non-technical cross-functional teams to align endpoint and data protection policies with business requirements
• Support incident response teams and participate in post-event reviews
• Assist with the implementation, maintenance, and optimization of other security tools and contribute to broader departmental efforts as required.

6 to 7 years of experience Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst, Cyber-Intelligence Analyst

Four years of college resulting in a Bachelor's Degree or equivalent

• Advanced GIAC/SANS certifications - GCIH, GCIA, GCFE, GCFA, GREM, GIAC, GSEC, GWAPT, ISC-squared CISSP, CompTIA Security+

• Strong troubleshooting and analytical skills.
• Excellent verbal and written communication skills.
• Able to work collaboratively with others and participate in technical conversations, troubleshooting, and design discussions
• Strong technical knowledge of DLP architecture, policy creation
• Experience with DLP platforms such as Microsoft Purview, Palo Alto CASB, or other enterprise DLP technologies.
• Experience with data classification & labeling technologies
• Experience with application control tools and techniques (e.g., Threat Locker Protect, Microsoft App Locker, Carbon Black App Control).
• Hands-on experience with security incident response, risk management, and data governance.
• Experience with scripting and automation (e.g., Power Shell, Python)
• Proficient in security frameworks, including NIST 800-53 and Cybersecurity Framework (CSF), as well as industry standards and best practices
• Understanding of compliance regulations such as PCI-DSS, HIPAA, and GDPR
• Incident response experience, including knowledge of intrusion analysis and network/host forensics techniques
• Experience with SIEM or similar log analysis tools and experience reviewing security events.

This position does not have any supervisory responsibilities.