Security Solutions Engineer

Why you’ll love working here:

• high-performance, people-focused culture

• our commitment that equity, diversity, and inclusion are fundamental to our work environment and business success, which helps employees feel valued and empowered to be their authentic selves

• learning and development initiatives, including workshops, Speaker Series events and access to LinkedIn Learning, that support employees’ career growth

• membership in HOOPP’s world class defined benefit pension plan, which can serve as an important part of your retirement security

• competitive, 100% company-paid extended health and dental benefits for permanent employees, including coverage supporting our team's diversity and mental health (e.g., gender affirmation, fertility and drug treatment, psychological support benefits of $2,500 per year, parental leave top-up, and a health spending account).

• optional post-retirement health and dental benefits subsidized at 50%

• yoga classes, meditation workshops, nutritional consultations, and wellness seminars

• the opportunity to make a difference and help take care of those who care for us, by providing a financially secure retirement for Ontario healthcare workers

Job Summary

The Security Solutions Engineer plays a critical role in securing HOOPP’s IT environment and supporting HOOPP’s business objectives. This role is a senior technical contributor within the Information Security Operations team, responsible for designing, implementing, and operating security controls across on-premises and cloud environments, with a strong focus on AWS, network security, and security operations. 

The successful candidate will bring hands-on experience working in a Security Operations environment, supporting incident response at a senior (Level 3) capacity, and collaborating closely with Infrastructure, Cloud, and IT teams. While experience with SIEM technologies is important, this role requires a well-rounded security engineer with strong fundamentals across cloud, network, endpoint, and email security. 

The role also requires a working knowledge of application security concepts to effectively partner with Infrastructure and Application teams and support investigations involving application-layer threats. 

What you will do:

Security Operations & Incident Response 

• Act as a senior escalation point for complex security incidents, providing deep technical analysis, containment, and remediation guidance. 

• Lead and support incident response activities, including investigations, root cause analysis, and post-incident reviews. 

• Improve detection, response, and alerting capabilities across security tools and platforms. 

• Analyze logs, alerts, and telemetry from security tools, cloud platforms, infrastructure, and network devices. 

• Provide support to SOC on-call staff for security events and incidents as required. 

Architecture, Strategy & Cloud / Network Security 

• Contribute to enterprise security architecture planning under the direction of the Sr. Manager, Information Security Operations. 

• Provide security guidance to infrastructure, network, and cloud teams to ensure secure-by-design solutions. 

• Improve HOOPP’s cloud security posture, with a strong emphasis on AWS (Azure experience is an asset). 

• Design, implement, and monitor secure cloud and hybrid network architectures, including segmentation, firewalling, routing, and secure connectivity. 

• Balance security best practices with operational and business requirements. 

Security Tooling & Engineering 

• Govern and enhance core security services, including SIEM, email security, endpoint protection, vulnerability management, and network security tools. 

• Lead or support the deployment, integration, and configuration of new security technologies. 

• Drive automation and orchestration to improve operational efficiency and security outcomes. 

• Maintain secure configuration baselines and participate in vulnerability assessments, penetration testing, audits, and vendor security assessments

What you bring:

• 7+ years of experience in IT infrastructure and security, including 5+ years in Security Operations or Information Security roles, with strong hands-on experience securing AWS environments (Azure experience is a plus). 

• Proven experience supporting incident response in an enterprise environment, including investigation, containment, remediation, and post-incident analysis. 

• Strong experience working in Security Operations (SecOps) environments and operating security tooling such as SIEM/log management, email security, endpoint detection and response (EDR), and vulnerability management platforms. 

• Deep understanding of network and network security concepts, including TCP/IP, firewalls, routing, segmentation, and troubleshooting in hybrid and cloud environments. 

• Hands-on experience securing cloud-native and hybrid environments across IaaS, PaaS, and SaaS. 

• Strong knowledge of identity and access management, including Entra ID, Active Directory, and modern authentication protocols (OAuth, SAML, PKI). 

• Familiarity with CI/CD pipelines, deployment workflows, and associated security controls. 

• Working knowledge of emerging technologies and associated security risks, including AI platforms, is considered an asset. 

• Bachelor’s degree in Cybersecurity, Computer Science, Information Security, Information Technology, Computer Engineering, or a related field (or equivalent practical experience). 

• Professional security or cloud certifications are an asset but not required (e.g., CISSP, CCSP, CISA, SSCP). 

• Strong analytical and problem-solving skills with the ability to operate effectively in high-pressure, incident-driven situations. 

• Excellent communication skills with both technical and non-technical audiences. 

• Self-motivated, collaborative, and able to think strategically and architecturally. 

The actual base salary offered to the successful candidate may vary based on multiple factors including, but not limited to, individual's expertise and level of experience applicable to the role they are being offered.  

This role is eligible to participate in discretionary incentive plan(s), subject to the terms and conditions of the applicable incentive plan text.