Cyber and Information Security Architect

Prospera Credit Union is a community-based, purpose-driven organization offering a full range of financial products and services. As one of the largest credit unions in British Columbia, we support vibrant communities, thriving local enterprises, and financially empowered individuals. Prosperais proud to serve communities throughout the Lower Mainland, Fraser Valley, and Okanagan.

We are seeking a Cyber and Information Security Architect to work collaboratively with the Architecture Review Board (ARB) and other governance teams, such as Data Governance. The role is essential in translating the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and other NIST standards into Prospera’s Enterprise Architecture and Design Principles.

1. Develop and maintain Prospera's security architecture framework, ensuring alignment with business objectives and industry standards.
2. Lead the design and review of secure network architectures, systems, applications, and cloud environments.
3. Collaborate with cross-functional teams to integrate security requirements into the software development lifecycle and infrastructure deployment.
4. Ensure concepts like Zero-Trust, Least Privilege, and Data Protection standards are incorporated into design standards.
5. Plan and configure environments such as Cloud and Mobile Devices for optimal security controls ensuring Confidentiality, Integrity, and Availability (CIA).
6. Configure, monitor, and optimize security tools and technologies.
7. Research and evaluate emerging security technologies, proposing innovative solutions to enhance security posture.
8. Develop and maintain policies, standards, and procedures related to cyber and information security.
9. Work with DevSecOps teams to ensure compliance.
10. Conduct risk assessments, identify vulnerabilities, and recommend controls.
11. Ensure compliance with regulations and frameworks like ISO 27001, NIST CSF, and privacy laws.
12. Update the Risk Register(s) as needed.
13. Participate in internal audits, including planning and updating action plans.

1. Familiarity with security frameworks and regulations (e.g., NIST, ISO27000, CIS Controls).
2. Experience with cybersecurity and operational risk assessments.
3. Proficiency in assessing and auditing network controls such as firewalls, IDS/IPS, VPN, 2FA, and network segmentation.
4. Advanced knowledge of Azure and AWS cloud platforms.
5. Membership in ISSA, ISACA, or related communities is a plus.
6. Knowledge of industry best practices like NIST, SABSA, TOGAF is an asset.
7. Strong understanding of security principles, technologies, and industry standards.
8. Experience designing secure network architectures and cloud environments.

Certification requirements:

• Required: Security+ certification
• Assets: CISSP, CISM, SANS, GIAC, OSCP

Additional qualities include excellent communication, leadership, problem-solving skills, motivation, adaptability, and a relevant bachelor’s degree with at least 5 years of experience in information security roles.

• Competitive salary package with incentives, starting from $101,250 to $112,500.
• Flexible work options and benefits.
• Retirement plan, paid time off, and professional development opportunities.
• A supportive, collaborative work environment recognized as a Great Place to Work.

Please Note : The successful candidate will undergo a background check, including criminal, credit, and reference checks.