Cybersecurity Architect

Working with ISM will work wonders for your career!

ISM is seeking a Technical Solutions Manager (Cybersecurity Architect) to develop solutions and services for ISM’s security practice. You will oversee and contribute to technical design of systems and have overall responsibility for developing solutions / services that ensure the protection of digital assets while meeting industry and corporate standards as well as industry best practices.

As a specialist in the Security domain, you will work with customers to help ensure the protection of their enterprise information system assets by determining security requirements; planning and implementing security programs, establishing governance and ensuring that systems are secure. You will prepare security standards, policies, and procedures; participate in code reviews; mentor team members. While bringing your own expertise – including information systems security specialized certifications – you will also help educate others on security and draw on technical specialists to secure information system assets.

The position is also responsible for providing the rationale for security approaches and decisions; balancing the concerns of the various stakeholders, reducing technical risks, and ensuring that decisions are effectively communicated, validated, and followed. This role will work closely with customers (internal and external) to develop and implement secure solutions. This role will also contribute to Corporate Architecture standards, practices, and governance.

NOTE: the preferred work location for this position is Regina, Saskatchewan; however, the work location will be dependent upon the location of the successful candidate.

Responsibilities:

• Develops and delivers solutions and services by engaging with technology experts, customers, and other stakeholders.
• Works with customers and provides recommendations to improve their overall security posture.
• Works with stakeholders to enhance overall security posture by recommending and establishing governance and developing security policies designed to meet overall security program goals and requirements.
• Enhances solution security by working with team to enhance security awareness and standards.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards and regulatory requirements (e.g. data sovereignty, data handling); conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
• Ensures solutions are thoroughly tested for security weaknesses and contributing quality processes (e.g. code reviews, infrastructure hardening) technical standards and solution design artifacts to protect them.
• Accountable for solution security and auditability requirements. Verifies security systems by developing and implementing test plans. Contributes to test strategy and leads the security testing.
• Plans security systems by evaluating network and security technologies; developing requirements for Cloud, networking components including routers and firewalls, virtual private networks (VPNs), routers, security appliances; public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; access controls, encryption, and adhering to other industry standards.
• Recommends and implements continuous security technology and remediations and process improvements both within the solutions and at a corporate level and for customers.
• Ensures security of solutioning by designing solutions to meet all security audit/regulatory requirements and/or security controls.
• Assists team in identifying, containing, investigating, and remediating security breach events.
• Provides technical and thought leadership to design and deliver solutions and to mentor other team members.
• Responsible to make and defend security architecture trade-off decisions; ensuring that risk is an element in all solution technical solution decisions.
• Ensures roles-based authorization systems are developed and tested.
• Ensures appropriate confidentiality of corporate information both in transit and at rest.

Qualifications:

• Bachelor’s Degree in Computer Science or STEM (Science, Technology, Engineering, Math) majors, and 7+ years working on application and technology security. Accounting or related practitioners who have gone on to achieve sufficient technical certifications and demonstrate technical depth will also be considered.
• One or more Information Technology related security certifications such as Certified Information Systems Security Profession (CISSP), ISACA Certified Information Security Manager (CISM), ISACA Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP), CompTIA Security+, and/or certified EC-Council Certified Ethical Hacker (CEH) and Certified Security Analyst (ECSA).
• One or more IT Architecture related certifications such as The Open Group TOGAF 9 Certification, The Open Group Certified Architect (Open CA) or Certified System Architect (CSA)
• Demonstrated knowledge of Security Frameworks such as ISO 27000 series, NIST, CIS, COBIT or ITSG-33 as well as regulatory requirements and statutes, and audit compliance requirements such as Payment Card Industry (PCI) and Personal Information Protection and Electronic Documents Act (PIPEDA).
• Strategic business acumen and understanding of strategy and ability to design information systems to delivery that strategy.
• Knowledge in the following technical areas: Network and Infrastructure Services; Microsoft Azure and/or similar cloud platforms such as Amazon Web Services (AWS); Cloud authentication and security on platforms such as Azure and AWS; Security Operations tooling (Vulnerability Assessment, Intrusion Detection, Managed Malware Defense, SIEM etc.)

To view the full job description and submit your application, visit the ISM Careers portal: https://www.ismcanada.com/careers