Senior Cyber Defense Engineer

What Makes Us, Us

Join some of the most innovative thinkers in FinTech as we lead the evolution of financial technology. If you are an innovative, curious, collaborative person who embraces challenges and wants to grow, learn and pursue outcomes with our prestigious financial clients, say Hello to SimCorp!

At its foundation, SimCorp is guided by our values — caring, customer success-driven, collaborative, curious, and courageous. Our people-centered organization focuses on skills development, relationship building, and client success. We take pride in cultivating an environment where all team members can grow, feel heard, valued, and empowered.

If you like what we’re saying, keep reading!
 

WHY THIS ROLE IS IMPORTANT TO US

We are looking for a Senior Cyber Defense Engineer who wants to be in a technical role. Someone who is comfortable going both wide and deep across our Azure security landscape.

You won’t be siloed into a single area. Instead, you will play a key role across the end to end security lifecycle—shaping strategy, driving initiatives, and contributing deep expertise — from building efficient detections in Sentinel and managing incident response to designing the logging strategies that make our monitoring possible.

Crucially, you will act as a bridge to our Architects, ensuring that our cloud infrastructure isn't just monitored, but is built to be secure from the ground up.

We value ownership and initiative. We are looking for an engineer who can identify a security gap, plan the solution, and drive a taskforce to delivery of the solution. If you are a problem-solver who enjoys having a direct, visible impact on the security posture of a global platform, we want to talk to you.

Key Responsibilities

• Detection Engineering: Design, build, and tune advanced detection logic within Microsoft Sentinel using KQL. Develop playbooks and workbooks to automate response actions and visualize threats.
• Logging & Monitoring: Lead the strategy for centralized logging. Optimize Log Analytics workspaces to ensure high-fidelity data ingestion while balancing cost and performance.
• Cloud Security Posture (CSPM/CWPP): Own and manage Microsoft Defender for Cloud. Drive the remediation of security recommendations and bridge the gap between security alerts and engineering fixes.

• Architectural Collaboration: Partner with Infrastructure and Solution Architects to ensure security is baked into the foundation of our Azure landing zones and CI/CD pipelines.
• End-to-End Project Leadership: Take high-level security objectives and translate them into technical roadmaps. Plan, execute, and report on progress directly to leadership.

• Infrastructure Understanding: Apply a solid understanding of Azure networking, IAM (Entra ID), and compute services to identify and mitigate configuration drift.

Technical Qualifications

• Azure Security Expertise: Deep, practical experience with the Azure Security stack, specifically Microsoft Sentinel, Defender for Cloud, and the Microsoft Defender portal.
• Detection Proficiency: Mastery of KQL (Kusto Query Language) for threat hunting and detection rule creation.
• Logging Strategy: Experience designing scalable logging architectures (Diagnostic settings, Event Hubs, Log Analytics).
• Network Security Topology: Expertise of Azure-native networking security, including Azure Firewall, Web Application Firewall (WAF), and Private Link/Private Endpoints to ensure zero-trust connectivity
• Experience securing Azure Kubernetes Service (AKS) and containerized workloads using Defender for Containers and admission controllers.

Key Skills

• Ability to drive initiatives from concept through to delivery with minimal supervision. Ability to navigate in a global organization.
• Clear Communication: Capable of translating technical security risks into business impact for stakeholders and align on co-operation models.
• Methodical approach: You don't just see an alert; you look for the root cause and the flaw in the system design that allowed it to trigger. Take initiative to design and improvements in the system and processes.

Benefits

SimCorp offers several benefits that might play a significant factor in considering whether to accept a job offer. Since SimCorp operates in 30+ offices worldwide, the benefits package may vary from country to country. Simcorp follows a global hybrid policy, asking employees to work from the office two days each week while allowing remote work on other days.

 

NEXT STEPS

Please send us your application in English via our career site as soon as possible, we process incoming applications continually. Please note that only applications sent through our system will be processed. At SimCorp, we recognize that bias can unintentionally occur in the recruitment process. To uphold fairness and equal opportunities for all applicants, we kindly ask you to exclude personal data such as photo, age, or any non-professional information from your application. Thank you for aiding us in our endeavor to mitigate biases in our recruitment process.

For any questions you are welcome to contact Kayra Bali, Head of Security, at kayra.bali@simcorp.com. If you are interested in being a part of SimCorp and you can see yourself contributing and thriving in the position described above, but are not sure this role is suitable, submit your CV anyway.

SimCorp is on an exciting growth journey, and our Talent Acquisition Team is ready to assist you discover the right role for you. The approximate time to consider your CV is three weeks.

We are eager to continually improve our talent acquisition process and make everyone’s experience positive and valuable. Therefore, during the process we will ask you to provide your feedback, which is highly appreciated.

SimCorp Canada welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Candidates who require accommodation during the recruitment process should contact the People & Culture team at HumanResourcesNA@simcorp.com.

This position is for an existing vacancy.

Who We Are

For over 50 years, we have worked closely with investment and asset managers to become the world’s leading provider of integrated investment management solutions. We are 4,000+ colleagues with a broad range of nationalities, educations, professional experiences, ages, and backgrounds.

SimCorp is an independent subsidiary of the Deutsche Börse Group. Following the recent merger with Axioma, we leverage the combined strength of our brands to provide an industry-leading, full, front-to-back offering for our clients.

SimCorp is an equal opportunity employer and welcome applicants from all backgrounds, without regard to race, gender, age, disability, or any other protected status under applicable law. We are committed to building a culture where diverse perspectives and expertise are integrated into our everyday work. We believe in the continual growth and development of our employees, so that we can provide best-in-class solutions to our clients.

For Toronto only: The salary range for this position is 113 840,00 - 170 760,00 CAD Annual. Additionally, employees are eligible for an annual discretionary bonus and benefits including health and dental care, time off and Group RRSP/TFSA. Your total compensation may vary based on role, location, department and individual performance.