×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager Data Security

Cloud Security Engineer

Job in Toronto, Ontario, C6A, Canada
Listing for: EnStream LP
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager, Data Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 CAD Yearly CAD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

EnStream is a leader in secure digital identity and mobile data intelligence, working to advance the future of digital trust in Canada. We build innovative data-driven models that enhance the integrity, reliability, and safety of digital identity ecosystems.

Our mission is to empower frictionless trust in every interaction. EnStream is dedicated to increasing trust and convenience for Canadians using real-life, verified identities and network data held by trusted telco networks. At EnStream, every team member plays a critical role in shaping our strategy and delivering meaningful impact across industries. We believe that earning trust is the foundation of every great customer relationship.

And we’re building the technology, expertise, and partnerships to make that possible at scale.

About the Role

EnStream is seeking a Cloud Security & Compliance Engineer to join our team as a full-time internal security leader
. This role serves as the company’s primary authority on cloud security, application security, data protection, and governance.

While day-to-day infrastructure and security operations are handled by an external operations partner, this position owns EnStream’s security strategy, risk management, and compliance posture
. You will play a central role in shaping how security is embedded into product development, cloud architecture, and operational processes.

You will also act as the internal owner for SOC 2 and ISO 27001
, work directly with customers and partners on security matters, and continuously improve EnStream’s security maturity as the company grows. This is a hands-on, senior individual-contributor role with strong influence across engineering, product, and leadership

What You’ll Do
  • Serve as the internal security owner for EnStream’s cloud platform, applications, and data.
  • Review and guide security design for new products, features, and architectural changes on AWS.
  • Define, document, and maintain secure development and deployment standards (e.g., API security, authentication, secrets management, logging, input validation).
  • Own data security and privacy practices
    , with a strong focus on PII
    : classification, encryption, access control, retention, and secure disposal.
  • Lead responses to client and partner security assessments, audits, and due-diligence questionnaires.
  • Manage third-party and partner security risk, including risk assessments, tracking, and mitigation plans.
  • Act as the internal owner for SOC 2 and ISO 27001
    , coordinating with external advisors to:
    • Define and maintain controls
    • Map requirements
    • Support evidence collection and audits
  • Define security requirements and expectations for the external operations partner (incident response, monitoring, patching SLAs, access reviews).
  • Review security incidents, vulnerability reports, and audit findings and drive remediation and improvement.
  • Maintain and evolve security policies, standards, and procedures aligned with PIPEDA, NIST
    , and customer expectations.
  • Maintain a security risk register and regularly report on security posture and key risks to senior leadership.
What You Bring Must-Have Skills & Experience
  • 5+ years of experience in information security, with strong exposure to cloud (AWS) and application security.
  • Deep understanding of AWS security services and concepts, such as: IAM, KMS, Guard Duty, Security Hub, Cloud Trail, Config, WAF, Macie
  • Experience designing or enforcing security controls in regulated or high-assurance environments (e.g., fintech, identity, government, healthcare).
  • Working knowledge of SOC 2 and/or ISO 27001
    , including audit preparation or control implementation.
  • Solid understanding of PII protection and privacy regulations (PIPEDA or similar).
  • Proven ability to collaborate with software engineers, architects, and external vendors.
  • Strong communication skills, with the ability to clearly explain security risks and trade-offs to technical and non-technical audiences, including customers.
Nice-to-Have Skills & Experience
  • End-to-end experience leading SOC 2 or ISO 27001 readiness and audits.
  • Experience in fraud prevention, identity verification, or financial services.
  • Hands-on Dev Sec Ops  experience (SAST, DAST, dependency scanning,…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search