Security Architect-(Hybrid)

About The Position

Requirements

• University degree in computer science (or equivalent)
• 10+ years relevant experience in a large-scale IT environment with 5+ years in Security Architecture
• Experience with API technology, e.g., API gateways, Enterprise Service Bus, and microservices
• Strong understanding of API driven authentication and authorization using OIDC, OAuth, JWT, and integrating with other identity providers
• Experience with multi-cloud API standardization with both cloud agnostic and cloud native technologies
• Strong understanding of container and service mesh technology, e.g., Kubernetes/AKS, Istio, etc.
• Strong understanding of certificates and encryption used for securing transmissions and signing tokens.
• Experience with Architecture and Security Architecture frameworks, e.g. SABSA, Zachman, TOGAF
• Demonstrated ability to communicate, collaborate and influence across the organization including Product, Technology, Operations and outside of the delivery organization, including partners, vendors, and client organizations.
• Passion for innovation and “can do” attitude including ability to work under pressure and adapt easily to changing priorities and business needs.
• Ability to build deep technical relationships with other technology team members.

Nice To Haves

• One or more of the following certifications preferred: (ISC)2 - CISSP GIAC - GSEC, GCIH, GCIA, GCFE, GWAPT or GPEN
• Technical certifications in Cloud Platforms such as Azure (e.g., Cybersecurity Architect) and/or AWS (e.g., Certified Security Specialist)
• Previous experience at financial institutions an asset

Responsibilities

• Perform a leadership role in the planning and design of enterprise security architecture, and coordinate with system owners, control providers, and other stakeholders on the allocation of security controls as system-specific, hybrid, or common controls.
• Perform threat modeling and risk assessments based on legacy or new environments using organizational guidelines or established industry frameworks.
• Identify technical and procedural controls to mitigate newly identified threats and risks.
• Participate in the various technology and architecture governance forums to ensure adherence to standards.
• Be part of the Architecture team to review and implement security architecture best practices across the organization.
• Own and maintain the Security Architecture Roadmap items under the overall C1 Technology Roadmap.
• Work with external vendors on technology evaluation, selection, and implementation.
• Recommend adjustments to Information Security and Enterprise Architecture policies and standards as necessary.

Benefits

• Work-life flexibility
• Hybrid work environment
• Variable annual incentive plan
• Generous annual vacation allotment
• Top-notch flexible benefits plan including family building and gender affirmation
• Retirement Plan, matched contributions at 6%
• Access to a learning platform and educational assistance support
• Access to a virtual wellness platform
• Career development opportunities
• Wellness Flex Fund to support personal interest and activities
• Day off to volunteer in your community and other paid time off options
• Corporate discounts subject to employment agreement
• Comprehensive compensation structure consisting of a competitive base salary and individual and company-wide annual incentive, matched contributions for your retirement plan and a top-notch benefits plan.
• work-life flexibility, career development opportunities and a day off to volunteer in your community.