×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Principal Cybersecurity Cloud Engineer

Job in Toronto, Ontario, C6A, Canada
Listing for: Dayforce US, Inc.
Full Time position
Listed on 2026-03-16
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 150000 - 200000 CAD Yearly CAD 150000.00 200000.00 YEAR
Job Description & How to Apply Below

Posted Friday, March 13, 2026 at 4:00 AM | Expires Saturday, May 16, 2026 at 3:59 AM

Dayforce is a global human capital management (HCM) company headquartered in Toronto, Ontario, and Minneapolis, Minnesota, with operations across North America, Europe, Middle East, Africa (EMEA), and the Asia Pacific Japan (APJ) region.

Our award-winning Cloud HCM platform offers a unified solution database and continuous calculation engine, driving efficiency, productivity and compliance for the global workforce.

Our brand prom ise - Makes Work Life Better ™ - Reflects our co mmitment to employees, customers, partners and communities globally.

About the role

The Cloud Security team is seeking a Principal Cloud Security Engineer to serve as a hands-on technical expert and trusted advisor across our cloud programs. Our team owns the security of multiple cloud environments—primarily Azure and AWS—and the implementation of security controls to meet regulatory requirements across geographies. Beyond identifying issues, we partner closely with product and platform teams to design and deliver secure cloud-based solutions.

You will lead CNAPP implementation, harden our Azure and AWS footprint, embed security into CI/CD and Terraform workflows, and support our path to FedRAMP, PBMM, and other public-sector compliance programs.

In this role, you will develop and drive the implementation of our Cloud Security Architecture and CNAPP architecture—defining secure-by-default reference patterns, guardrails, and scalable control implementations for Azure (primary) and AWS (in scope). You will partner with platform engineering, SRE, product, and compliance teams to translate architectural intent into actionable engineering work and measurable posture improvements.

You will map regulatory requirements (e.g., FedRAMP, NIST SP 800-53, PBMM, GC Cloud Guardrails, ITSG-33 or equivalent) to cloud security capabilities such as identity and access management, network segmentation, encryption and key management, logging/monitoring, vulnerability management, container/Kubernetes security, and continuous compliance. You will then engineer, implement, and operationalize these controls using cloud-native services and Wiz (policies, sensors, and workflows), integrated into Terraform and CI/CD pipelines with policy-as-code, drift detection, and automated evidence where feasible.

You’ll thrive in a dynamic, fast-paced environment, operate as a self-starter, work independently, and stay relentlessly results-oriented.

What You'll Do
  • Lead CNAPP implementation:
    Plan and execute end-to-end rollout of Wiz (and related CNAPP tooling) across Azure (and select AWS), including policy design, tuning, and alert-to-action workflows.
  • Harden clouds at scale:
    Design and enforce guardrails (Azure Policy, Defender for Cloud plans, identity controls, network segmentation, logging/monitoring) and extend patterns to AWS where applicable.
  • Dev Sec Ops  & IaC governance:
    Embed security into CI/CD and Terraform workflows (pre-merge checks, plan/policy gates, artifact signing, SBOMs/attestations) and establish reusable modules and policy-as-code patterns to prevent misconfigurations before deploying; enforce baselines at plan time.
  • Compliance engineering:
    Translate FedRAMP, CIS, and other frameworks into technical controls, automated evidence, continuous monitoring, and remediation playbooks.
  • Cloud security architecture & blueprint:
    Own and evolve the cloud security reference architecture (standardized landing zones, identity and access patterns, network segmentation, encryption standards, logging/monitoring baselines, and guardrails) for Azure (primary) and AWS (in scope); advise product and platform teams on secure designs, lead design reviews, and mentor engineers.
  • Incident & posture improvement:
    Partner with Sec Ops and App Sec teams to triage findings, evaluate risks, recommend remediation steps, and drive measurable improvements across vulnerabilities, identities, data, and workloads.
  • Executive advisory:
    Communicate risk, trade-offs, and roadmaps to senior leadership; influence prioritization through clear metrics and business outcomes.
  • Build automated guardrails and drift…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search