It Security Architect Jobs

IT Security Architect

Work location:Toronto, ON

Duration: starting asap for 1 year, with long terms extensions

*** HYBRID WORK MODEL - 2 days per week on site

*** Proof of vaccination required

:

Responsible to drive and create innovative solutions to solve complex technical/technological challenges in order to ensure the highest level of confidentiality, integrity, availability, efficiency, and overall quality of IT systems.This role provides major input to strategic leadership, management and oversight on behalf of Security and Enterprise Architecture specifically in the areas of in Cybersecurity, Cyber-Physical security, Network/Telecom, Server/SAN Backup, Database/Middleware or Applications/Reporting for on premise and cloud-based solutions.

The incumbent plays a key role in the development, sequencing, and prioritization of the IT capital portfolio and operating programs. Working with internal and external stakeholdersdevelops, implementing, and manages the creation of industry-leading technical standards including Proof of Concept analysis, position papers pertaining to the areas of Network/Telecom, Cyber Security, Server/SAN backup, Database/Middleware or Applications/Reporting. Develops strategies and carries out Cyber Security Threat and Risk evaluations employing best practices while employing solutions to mitigate threats and risks to acceptable levels.

The incumbent provides recommendations for a security architecture for all technology projects, and new platforms – on-premise or cloud-based and ensures alignment of technology solutions to established frameworks and security standards.The incumbent will have extensive knowledge and experience in the architecture of the following domains and their application to IT and OT environments:

• Identity and Access Management

• Threat, Risk and Compliance

• Security Operations

• Infrastructure Security

• Governance and Risk

• Security Architecture Modelling

• Application Security

KEY RESPONSIBILITIES:

•Designs security model including life cycle and framework(aligned to corporate goals) that drive/improve IT system security, visibility, reliability, quality and timeliness of IT service, cost and/or safety. Develops standards operating procedures for all technology assets.

•Develops IT foundational technology security roadmap, strategy and system plans, including conducting technical research, trending analysis, specifications, proof of concepts, position papers and the creation of white papers.Represents as CoE team member and contributes to planning, solution design, technical strategy outlined through various initiatives.

•Identifies IT Security and Technology risk management requirementsas it relates to enterprise architecture, including the development, implementation and monitoring of Cyber Security strategy and roadmap for cyber security; and the identification of controls, barriers and technologies to support/improve the client's technology and security posture.

•Develops and oversees implementation of technology standards, frameworksfor both on premise and on cloud solutions; gains consensus and approval from IT Senior Management/Executive. Builds measurable reporting mechanisms for standards compliance tracking.

•Provides technical leadership for solution design architecture to support business cases and problem/incident management, including leading technical/technological Proof of Concepts for both hardware and software assets related to Network/Telecom, Security, Server/SAN backup, Database/Middleware or Applications/Reporting

•Manages and audits IT project execution technical governanceto ensure technical standards compliance and/or exceptions.

KEY SKILLS AND EXPERIENCE REQUIRED:

• Post-secondary technical degree (e.g. Computer Engineering or Computer Science) or diploma with a suitable combination of education and experience maybe considered

•Relevant certifications (CISSP, ISSAP, CISM, CCIE Security, CCSP, GICSP)

• Minimum five to ten (5-10) years of experience in IT Enterprise Architecture

• Minimum 5 years technical leadership

• Graduate degree (MBA, MSc, PhD) preferred

•Extensive experience of strategic development of standards, Cyber Security Risk Identification and Mitigation techniques, and sizing project technical resource including effort assessments

• Extensive experience in applying the NIST Cyber Security Framework

• Solid understanding of theOntario Cyber Security Framework

• Strong knowledge ofNIST SP800-53, NIST SP800-82, NIST SP800-144, NIST Cyber Security Framework

• Strong knowledge ofleast-privilege and defense-in-depth concepts

• Strong knowledge ofPIPEDA and Privacy by Design

• Familiarity with the ISO 27000 series of cybersecurity controls

• Knowledge of the OSI and Purdue models

• Knowledge of and experience with operational technology – ICS Systems, SCADA, and industrial internet of things (IIoT)

• Knowledge of and experience in the IT industry – standards creation in Network/Telecom, Security, Server/SAN backup, Database/Middleware or Applications/Reporting

• Knowledge and experience on current trends in the cybersecurity industry

• Knowledge of unique threats to the energy sector and its role within Canadian critical infrastructure

• • Knowledge of Enterprise Architecture or Solution Architecture – standard creation, Incident and Problem Management and Technical Governance structures