Information Security Lead

Dentons is designed to be different. Our Firm leads the way in a rapidly changing legal marketplace. We challenge the status quo and deliver consistent results as well as uncompromising quality and value to our clients. Our global presence is renowned as a Firm with over 21,000 individuals in more than 200 offices serving clients across 80+ countries.

Dentons Canada is committed to its people and communities. We are consistently recognized as an employer of choice having received numerous awards including being selected as one of Canada’s Top 100 Employers (2026). Canada’s Top Employers for Young People (2026), and Canada’s Best Diversity Employers (2026).

This role is an opportunity for you to join Canada’s Global Law Firm, a Firm that offers opportunities to build your career while growing your skills and deepening your expertise.

ROLE

Dentons Canada LLP is currently recruiting for an Information Security Lead who will be responsible for ensuring the security, integrity, and availability of Dentons Canada information assets. The candidate will contribute to the management and continuous improvement of multiple security programs. The position entails the development, implementation, and maintenance of security controls, through people, processes, and technology, across the organization.

KEY RESPONSIBILITIES & ACCOUNTABILITIES

Security Architecture & Cloud Security

• Provide technical leadership and architectural oversight for the Firm’s security controls across on-premises and cloud environments.
• Lead the design and implementation of secure architecture patterns for enterprise infrastructure, cloud platforms, identity services, and network security.
• Act as a key security advisor to Infrastructure, Cloud, and Application teams to ensure security is embedded into platform design, deployments, and operational processes.
• Support the secure adoption and governance of Microsoft Azure, including the design and implementation of security controls for identity, networking, workloads, and platform services.
• Lead the configuration and optimization of Azure security capabilities including Microsoft Defender for Cloud, Conditional Access, Azure Policy, identity protection controls, and security monitoring integrations.
• Provide architectural guidance for secure network connectivity and access models, including integration with enterprise network security platforms such as Palo Alto and secure access platforms such as Netskope or Zscaler.
• Contribute to the development and automation of security guardrails for cloud environments, including policy enforcement, configuration standards, and monitoring integrations.
• Monitor emerging threats, vulnerabilities, and technology trends and recommend improvements to strengthen the Firm’s security architecture and overall security posture.
• Mentor and provide technical guidance to Information Security team members across operational and engineering initiatives.

Security Operations, Incident Response & Vulnerability Management

• Lead the day-to-day security operations function, ensuring effective monitoring, detection, and response across enterprise and cloud environments.
• Provide hands-on technical leadership to team members responsible for security monitoring, threat detection, and vulnerability management activities.
• Serve as the primary escalation point for security incidents and high-risk vulnerabilities, providing technical direction on investigation, containment, remediation, and recovery.
• Oversee the development and continuous improvement of incident response playbooks, operational procedures, and response readiness activities, including incident simulations and tabletop exercises.
• Analyze vulnerability intelligence and security findings, guiding prioritization and remediation efforts with infrastructure, cloud, and application teams.
• Coordinate vulnerability scanning, penetration testing activities, and remediation tracking to ensure security findings are appropriately assessed and addressed.
• Support the integration, tuning, and optimization of security technologies including SIEM, endpoint protection, network security, and secure access platforms.
• Drive continuous improvement in detection, response, and threat exposure management capabilities.

Data Protection, Classification & DLP

• Support the implementation and maturity of the Firm’s data protection program, including data classification, data loss prevention (DLP), and information protection controls.
• Provide guidance on protecting sensitive client and Firm data across collaboration platforms, cloud services, and enterprise systems.
• Assist in designing and implementing data classification standards and enforcement mechanisms to ensure sensitive data is properly identified and protected.
• Support the configuration and management of DLP policies and controls across email, endpoints, cloud services, and collaboration platforms.
• Work closely with legal, compliance, and business stakeholders to ensure data protection controls align with regulatory requirements and client obligations.
• Assist with monitoring and responding to data protection incidents and DLP alerts, ensuring appropriate remediation and control improvements

Data Governance & Compliance

• Support the development and continuous improvement of the Firm’s security policies, standards, and technical security guidelines.
• Assist with internal and external security audits, client security assessments, and compliance activities related to industry frameworks.
• Contribute to the development of security metrics, reporting, and dashboards that provide visibility into the Firm’s security posture and risk exposure.
• Prepare reporting on key security risks, operational metrics, and program maturity for internal stakeholders..

SKILLS & COMPETENCIES

• Strong understanding of enterprise security architecture and modern cloud security principles.
• Deep knowledge of Microsoft Azure security architecture and platform security capabilities.
• Strong understanding of identity-centric security models and Zero Trust principles.
• Experience implementing and integrating enterprise security platforms including SIEM, network security controls, CASB/SSE platforms, and endpoint security solutions.
• Strong knowledge of data protection practices including data classification, information protection, and data loss prevention technologies.
• Excellent analytical and problem-solving skills with the ability to evaluate risk and recommend practical technical solutions.
• Ability to lead technical discussions and mentor security team members while remaining hands-on when required.
• Strong written and verbal communication skills with the ability to translate technical issues into business context.
• Strong stakeholder engagement skills with the ability to collaborate effectively across infrastructure, cloud, application, and business teams.
• Ability to operate effectively in high-pressure situations such as security incidents.
• Self-motivated with the ability to anticipate risks and proactively improve security capabilities.
• Flexibility to collaborate across global teams and multiple time zones

EDUCATION, EXPERIENCE & CERTIFICATIONS

• Post-secondary education in Information Technology, Computer Science, Cybersecurity, or a related discipline, or equivalent practical experience.
• Minimum 8+ years of experience in Information Technology with significant focus on cybersecurity architecture, engineering, or operations.
• At least 6+ years of experience in an Information Security role with 3+ years in a lead or senior technical capacity.
• Deep experience securing Microsoft Azure environments, including identity security, network architecture, workload protection, and cloud-native security controls.
• Hands-on experience implementing and managing Azure security capabilities such as Microsoft Defender for Cloud, Conditional Access, Azure Policy, identity protection controls, and security monitoring integrations.
• Experience integrating enterprise security platforms with cloud environments, including SIEM solutions, network security platforms (e.g., Palo Alto), and CASB/SSE platforms (e.g., Netskope or Zscaler).
• Experience with Microsoft security technologies including Microsoft Sentinel, Defender for Endpoint, Defender for Identity, Defender for Cloud, and related security services.
• Experience implementing or supporting data classification and data loss prevention (DLP) programs across enterprise collaboration platforms and cloud services.
• Familiarity with threat frameworks such as MITRE ATT&CK and modern detection and response methodologies.
• Experience assessing security controls against industry frameworks such as ISO 27001/27002 and the NIST Cybersecurity Framework.
• One or more relevant certifications such as CISSP, CISM, or certifications from GIAC, ISACA, or Microsoft Security are preferred.

We thank all applicants for their interest, however, only those selected for an interview will be contacted.

This is a replacement role. The target salary range for this position is $130,000 - $135,000, commensurate with the successful candidate’s skills, experience, and qualifications. Dentons is committed to equitable and competitive compensation. This target range falls within our internal salary ranges, which are based on comparable roles in the external market. We strive to hire, promote, and transfer individuals at the entry point of the range, with consideration given to prior experience, relevant skills, and market conditions.

We recognize that rewarding exceptional talent goes beyond salary. Our comprehensive total rewards package includes inclusive and flexible benefits that support the wellbeing and development of our people. This includes extended health and mental health benefits, paid time off, retirement savings plans, a fitness subsidy, parental leave top-up, and more.

In addition, our learning and development programs—such as mentorship opportunities, employee networks, and leadership development initiatives—are designed to support personal and professional growth.

At Dentons, all candidate screening, assessment, and hiring decisions are made by people. From time to time, we use AI-enabled tools to assist in enhancing our recruitment process and materials; however, these tools do not screen candidates or make hiring decisions.

Note: Availability of benefits and programs may vary depending on your location and employment type and may be subject to eligibility criteria. Dentons reserves the right to modify or discontinue offerings, in whole or in part, at its discretion and without prior notice.

Equal Opportunity Statement

At Dentons Canada, inclusion, diversity, equity and accessibility (IDEA) are not just ancillary values, they are foundational to our business. We believe that IDEA is essential to the shared success of our team and our clients. Our forward-thinking and inclusive culture supports the professional development of all our people, enhances the leading services we offer to our clients, and informs our commitment to make a positive impact in the communities where we live and work. As a testament to our commitment to IDEA, we have been recognized as one of Canada’s Best Diversity Employer’s for 16 consecutive years (2011-2026), as well as one of Canada’s Top Employers for Young People (2026) for the ninth time.

Dentons Canada is an equal opportunity employer, and we welcome your application. All employment decisions, including hiring, will be made without regard to age, ancestry, citizenship, colour, creed, disability, ethnic origin, family status, gender identity, marital status, place of origin, race, sexual orientation, or any other characteristic protected by applicable human rights legislation.

We are committed to providing you with an inclusive, barrier-free, and accessible workplace to support your success. Should you require accommodation during the recruitment process, for example as a result of a disability, please contact us at careers.canada@dentons.com.