Cyber Security Manager

Snowstorm Technologies Inc.

Cyber Security Manager

Cybersecurity, Cloud Security & Compliance

Employment Type: Full-time

Work Arrangement: Onsite

Compensation: 125K Base Salary

About the Role

Snowstorm Technologies is looking for a Cyber Security Managerto own and advance our approach to protecting our platforms, cloud environment, and the data our customers trust us with. This is a hands-on leadership role: part architect, part operator, part advisor to the executive team. You will set the direction for our security and compliance programs and stay close enough to the technology to make sound calls under pressure.

We build travel technology that real businesses depend on, so security is not a checkbox here. You will work shoulder to shoulder with engineering, cloud operations, product, and QA to keep our security posture strong as the business continues to move. If you enjoy reducing real risk, simplifying messy problems, and being the person leadership turns to when something matters, this role is for you.

Snowstorm Technologies is a global travel technology company powering innovative booking, loyalty, rewards, and travel solutions for some of the worlds leading brands. Our platform connects customers to hotels, flights, cruises, activities, and experiences through cutting-edge technology and industry-leading partnerships.

What Youll Own

Security Strategy & Leadership

Set the security strategy, roadmap, and the policies and controls that back it up.

Run risk assessments and vulnerability reviews, and turn the findings into action.

Give leadership a clear, honest read on where the risks are and what to do about them.

Build security into how the company works day to day, not as an afterthought.

Security Operations & Incident Response

Lead detection, investigation, containment, and remediation when incidents happen.

Drive root cause analysis and make sure corrective actions actually stick.

Keep incident response, disaster recovery, and business continuity plans current and tested through tabletop exercises and simulations.

Run the vulnerability management program from discovery through fix.

Azure Cloud Security

Secure our Microsoft Azure environment across App Services, virtual machines, AKS, Key Vault, Storage, networking, Front Door, Application Gateway, Defender for Cloud, and Sentinel.

Manage identity and access through Microsoft Entra ID, with MFA, privileged access management, and Zero Trust as the baseline.

Review cloud architectures and configurations against best practices before they become problems.

Application, API & DevSecOps Security

Embed security into the development lifecycle and set secure coding standards the team can live with.

Review application architectures, APIs, and third-party integrations for weaknesses.

Own vulnerability scanning, penetration testing, SAST, DAST, and dependency reviews, with OWASP as the reference point.

Data & Database Security

Protect our Microsoft SQL Server, MongoDB, and Redis environments through access controls, encryption, auditing, monitoring, backup, and recovery.

Set data classification, retention, and protection standards, and support our privacy obligations.

Compliance & Governance

Run our compliance programs across SOC 2 Type II, ISO 27001, PCI DSS, the NIST Cybersecurity Framework, CIS Controls, GDPR, and PIPEDA.

Manage external audits and internal assessments end-to-end, including evidence and remediation.

Be the point person for customer security reviews and questionnaires.

Monitoring & Threat Management

Run our monitoring stack, including Microsoft Sentinel, Microsoft Defender, and Datadog.

Watch for threats, investigate what matters, and keep stakeholders informed with clear reporting.

Keep improving detection and response as the environment evolves.

Third-Party Risk

Review the security of vendors, partners, and service providers before and during the relationship.

Set security requirements in contracts and integrations, and hold partners to them.

Awareness, Team & Collaboration

Build security awareness across the company, including phishing simulations and training.

Mentor security staff, consultants, and managed service providers, and manage security projects and budgets.

Partner closely with engineering, infrastructure, cloud operations, and the wider business.

What Were Looking For

Experience

At least 8 years in cybersecurity, with 3 or more in a leadership or management role.

Proven track record securing Microsoft Azure environments and enterprise SaaS production systems.

Hands-on experience leading incident response, vulnerability management, audits, and compliance programs.

Technical Depth

You bring strong, practical knowledge across most of the following:

Microsoft Azure security, Entra ID, the Defender suite, Sentinel, App Services, and Key Vault.

Database security for Microsoft SQL Server, MongoDB, and Redis.

Web application and API security, OAuth 2.0 and OpenID Connect, and identity and access management.

DevSecOps, vulnerability management, security architecture, and network security.

Incident response, disaster recovery, SIEM platforms, and Datadog.

Education & Certifications

Bachelors degree in cybersecurity, information security, computer science, engineering, IT, or a related field. A masters degree is a plus.

One or more of CISSP, CISM, CCSP, Microsoft Certified: Azure Security Engineer Associate, or Microsoft Certified: Cybersecurity Architect Expert is highly desirable. Equivalent experience is welcome in place of certifications.

How You Work

You communicate clearly with both engineers and executives, and you can translate risk into decisions.

You are calm under pressure, pragmatic about trade-offs, and biased toward fixing the real problem.

You lead people and vendors well, and you keep improving the things you own.

What Success Looks Like

In this role, you are doing well when risks and vulnerabilities trend down, audits pass cleanly, incidents are handled quickly and learned from, and our compliance programs continue to mature. Customers and auditors leave their reviews confident in how we operate, and the team around you gets sharper over time.

Compensation Package:

• Competitive salary
• Comprehensive medical and dental benefits
• 2 weeks paid vacation
• Great travel perks and discounts

Snowstorm Technologies Inc. is an equal opportunity employer. We welcome applicants of all backgrounds.