Security Solution Architect - Tangerine

About The Position

Requirements

• 7+ years of experience in cybersecurity, security architecture, cloud security, solution architecture, or a related technology risk role.
• Experience reviewing technology designs and providing practical security architecture recommendations.
• Strong knowledge of security controls across cloud, application, API, SaaS, identity and access management, data protection, network security, logging, monitoring, and vulnerability management.
• Experience working with public cloud platforms and modern delivery practices such as DevSecOps, CI/CD pipelines, infrastructure as code, containers, and cloud-native architectures.
• Familiarity with security frameworks, standards, and leading practices such as NIST, CIS, CSA, or equivalent enterprise security standards.
• Ability to assess risk, identify security gaps, document recommendations, and influence outcomes with cross-functional teams.
• Strong communication, facilitation, analytical, and stakeholder management skills, including the ability to explain security concepts to both technical and non-technical audiences.
• Bachelor’s degree in computer science, cybersecurity, information technology, engineering, or a related field, or equivalent practical experience.

Nice To Haves

• Relevant certifications such as CISSP, CCSP, CISM, CISA, CRISC, AWS, Azure, or GCP security certifications are considered an asset.

Responsibilities

• Provide security architecture advice for cloud, application, SaaS, API, data, identity, and infrastructure initiatives across Tangerine.
• Review solution designs and technical proposals to identify security risks, control gaps, and practical remediation options.
• Translate enterprise security standards and control requirements into clear design guidance for delivery and engineering teams.
• Support secure-by-design practices by helping teams consider security requirements early in the project lifecycle.
• Partner with technology, architecture, security, risk, and delivery teams to resolve security design issues and support timely delivery.
• Document security design decisions, control rationale, and risk considerations to support governance, audit, and compliance needs.
• Contribute to reusable security architecture patterns, checklists, and guidance that improve consistency and delivery efficiency.
• Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.