HybridFull Time

Salary

$60.1 - $67.31 / hour

Location

Surrey, BC

Surrey, British Columbia V3S 3C4

Posted

Jul 5, 2026

Role overview

←Back to all jobs at Emterra Group

Security and Compliance Lead

-

-

-

Who We Are

Emterra Group is a dynamic, growth-oriented, and safety-focused group of companies. Our organization have been deemed to be an “essential service” by providing collection and processing for recycling, organics, and waste that keep our communities clean and safe. With customer service and safety as our focus, we are looking for an energetic and driven employee to support our growing company and play a crucial role in waste diversion and the circular economy. Emterra is proud to be recognized as one of Canada’s Greenest Employers, a certified diverse supplier of the Canadian Aboriginal and Minority Supplier Council (CAMSC) and the Canadian Women Business Enterprise National Council (WBE).

Job Summary

Emterra Group is seeking a Security and Compliance Lead to own and advance our cybersecurity posture and regulatory compliance program across our Microsoft 365 and Azure cloud environments. This is a hands-on leadership role responsible for designing, implementing, and maintaining security controls while ensuring alignment with applicable frameworks and standards.

Position Description

Security Operations & Architecture

  • Design and maintain security architecture across Microsoft Azure, Microsoft 365, and on-premises infrastructure
  • Manage and optimize (Endpoint, Identity, Cloud Apps, Office 365), SIEM, and Entra ID (Azure AD)
  • Lead vulnerability management, threat detection, and incident response activities
  • Configure and maintain Conditional Access policies, Zero Trust network access, and Privileged Identity Management (PIM)
  • Oversee Azure Security Center / Defender for Cloud recommendations and remediation

Compliance & Governance

  • Develop and maintain the organization's information security policies, standards, and procedures
  • Lead compliance efforts across applicable frameworks (NIST, PIPEDA, or industry-specific regulations)
  • Manage Microsoft Purview for data classification, DLP policies, information protection labels, and eDiscovery
  • Conduct and coordinate internal audits, risk assessments, and third-party security reviews
  • Maintain compliance posture within the Microsoft 365 Compliance Center and Secure Score benchmarks

Identity & Access Management

  • Administer and mature Entra ID (Azure AD) including RBAC, MFA, SSO, and lifecycle management
  • Manage privileged access through PIM and Just-in-Time (JIT) provisioning
  • Oversee identity governance and access reviews

Risk Management

  • Conduct regular risk assessments and maintain the organizational risk register
  • Develop and test the Business Continuity Plan (BCP) and Disaster Recovery (DR) procedures
  • Evaluate and manage vendor and third-party security risk

Training & Awareness

  • Design and deliver security awareness training programs across the organization
  • Act as internal subject matter expert and advisor on security matters for all departments
  • Report security metrics and compliance status to IT leadership and stakeholders

Skills & Qualifications

Required Qualifications

  • 5+ years of progressive experience in information security or cybersecurity roles
  • 3+ years of hands-on experience with Microsoft Azure and Microsoft 365 security tooling
  • Deep expertise with Microsoft security products: Sentinel, Purview, Entra ID,
  • Working knowledge of Azure networking, Azure Policy, and cloud governance frameworks
  • Experience with at least one compliance framework (SOC 2, ISO 27001, NIST CSF, CIS Controls)
  • Strong understanding of identity and access management principles
  • Excellent written and verbal communication skills; ability to present risk clearly to non-technical stakeholders

Preferred Qualifications

  • Relevant certifications: MS-500 (Microsoft Security Administrator), SC-200 (Microsoft Security Operations Analyst), SC-300 (Identity and Access Administrator), AZ-500 (Azure Security Engineer), CISSP, CISM, or CompTIA Security+
  • Experience in a regulated or multi-site operations environment
  • Familiarity with PIPEDA and Canadian privacy legislation
  • Experience with Microsoft Copilot for Security

What We Offer

  • Competitive salary and benefits package
  • Hybrid work flexibility
  • Collaborative and mission-driven team environment
  • Opportunity to shape and build a modern security program from the ground up

Reasons to Apply, Stay and Grow with Emterra Group

  • Opportunity to be part of one of Canada’s Greenest Employers!
  • Competitive wages!
  • Comprehensive health benefits (health, dental, and more depending on what you choose)!
  • Employee Assistance Program, paid for by the company!
  • Tuition reimbursement program and professional development support!
  • Be part of an entrepreneurial organization that wants to continue to learn and grow!
  • Ability to have an impact and make change!

Are you ready to jumpstart your career by joining one of Canada’s Greenest Employers and become part of the environmental solution? If so, apply now! We appreciate all applicants who apply however only those who are qualified, will be contacted.

Emterra Group is committed to maintaining an equitable, fair, and diverse environment. Any applicants who have a disability or require reasonable accommodation may speak directly with our Human Resources Department. Reasonable accommodations will be assessed on a case-by-case basis. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, age, national origin, disability, or veteran status.

Please note that AI may be used to support the application review process; however, all applications are reviewed by our Human Resources Team.

Please visit our careers page to see more job opportunities.