Cyber Security Architect

Location - Hybrid- Toronto- Canada

The Security Architect will be part of a team who role is to assure enterprise security architecture with a focus on the review and authorship of Architecture Decision Records (ADRs) and Security Architecture Review Board (SARB) submissions. The role blends deep technical acumen with emerging expertise in Generative AI (GenAI) and Agentic systems, ensuring secure design, governance, and responsible adoption of intelligent automation within the enterprise.

• Architecture Review & Advisory
  • Lead security reviews of solution and domain architectures, ADRs, and AI-enabled platforms.
  • Assess GenAI and agentic solution designs for model security, data protection, prompt integrity, provenance, and safe orchestration of agents.
  • Evaluate proposals for alignment with enterprise standards, regulatory expectations, and risk tolerance.
  • Produce actionable review comments with traceable recommendations, covering both traditional and AI-driven architectures.
• Authoring & Governance
  • Author and maintain ADRs, patterns, and reference architectures—including those covering GenAI system integration, LLM usage, and multi-agent frameworks.
  • Ensure architectural documentation expresses the problem space, options, controls, and trade-offs clearly and defensibly.
  • Promote structured architectural reasoning supported by both human and GenAI-assisted analysis workflows.
• GenAI & Agentic Security
  • Define and assess controls for GenAI systems, including model access, data boundary, and prompt injection defenses.
  • Guardrails for AI agents performing autonomous actions or multi-step reasoning.
  • Secure orchestration, isolation, and human oversight mechanisms.
  • Evaluate the security of agent frameworks, LLM pipelines, and model-hosting platforms (e.g., Vertex AI, Azure OpenAI).
  • Contribute to enterprise policy for responsible AI use and GenAI-assisted development.
• Technical Leadership
  • Provide domain expertise in application, cloud, and data security—augmented by AI security design considerations.
  • Support teams in safely embedding GenAI copilots, RAG systems, and autonomous agents within business processes.
  • Lead threat modeling for composite systems where GenAI interacts with APIs, data stores, and user environments.
• Continuous Improvement & Automation
  • Use and refine GenAI tools for document review, security design assistance, and ADR quality assurance.
  • Develop reusable prompts, review heuristics, and decision frameworks that enhance SARB throughput and consistency.
  • Mentor peers in human‑AI collaborative authoring, emphasizing accountability and verification of AI output.
• Core Competencies
  • Enterprise security architecture (SABSA, TOGAF, NIST CSF).
  • GenAI systems architecture, LLM lifecycle, and model governance.
  • AI security patterns (threat modeling for LLMs, data leakage prevention, agent control).
  • Strong authorship and analytical writing—clear articulation of decisions and consequences.
  • Familiarity with tools for architectural diagramming, review automation, and GenAI-assisted design (e.g., LangChain, OpenAI GPT, Guardrails AI).
  • Broad experience across cloud, data, application, and API security domains.