Lead Security Architect

Description

• Note - This is a temporary role for approximately 18 months

Purpose of Position

The Lead Security Architectwill work with IT teams, business teams, compliance teams, AI teams and vendor partners to design and implement secure systems and infrastructure aligning with business objectives / goals, regulatory requirements and industry best practicesas part of FSRA’s digital transformation effort.

The Lead Security Architectwill ensure security requirements are embedded across existing and modernized technology stack, including cloud platforms, DevSecOps pipelines, and enterprise applications so that sensitive data and systems remain protected from cyber threats.

Key Responsibilities

The Lead Security Architectensures that information security strategies and technologies align with organizational goals, regulatory requirements, and industry’s best practices through the following responsibilities :

Develops and maintains the overall enterprise security architecture and patterns for cloud and hybrid applications, networks, containers, and infrastructure, including designing security solutions, establishing security standards, and creating security roadmapsand ensuring alignment with industry standards, regulatory and compliance requirements, and FSRA’s business and IT strategies.

Leadsend-to-end projects related to security risk identification, assessments, security architecture reviews, and threat modeling activities for new and existing systems to mitigate security risks, and develop incident response plans.

Defines and maintains security standards for secure software development at FSRA; develops and recommends short-and long-term security standards and strategies, providing expertise to executive and front-line management

Integrates security controls into CI / CD pipelines using DevSecOps best practices.

Collaborates with AI / ML and data science teams to integrate security into AI product lifecycle.

Provides subject matter expertise, guidance and strategic advice to internal and external stakeholders, including business and IT colleagues to guide the implementation of security frameworks, enable security management and provide recommendations for effective governance.

Leads consultations / collaborations with enterprise architects, IT, business, and compliance teams to implement effective security governance ensuring FSRA adheres to relevant security regulations, policies, and industry best practices; leads consultations and project status meetings to provide updates, discuss risk and mitigation security strategies.

Defines and enforces secure coding standards and practices across development teams through mentorship, training, and testing.

Evaluates and implementsapplication security tools for SAST, DAST, and SCA for continuous identification, remediation, and reporting of software vulnerabilities. Integrate application security tools with other enterprise tools such as SIEM, IAM, ITSM, etc.

Responds to emerging threats by adjusting security architecture and guiding incident response planning.

Works with stakeholders across the organization, including IT teams, business units, and management, to ensure alignment and understanding of security requirements.

Prepares reports and delivers presentations to senior management, providing technical direction to teamsand management related to complex security issues.

Qualifications

Education

Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field - or a combination of education, training and experience deemed equivalent.

Professional certifications such as CISSP, CISA, CISM, SABSA, CCSP, Azure Security Engineer.

Experience

7+ years of progressive experience in cybersecurity, with at least 3 years focused on security architecture, including identifying, assessing, and mitigating security risks.

Experience working in regulatory agency or with a regulated financial organization, an asset

Technical / Core Skills

In-depth knowledge of on-prem and cloud-based technology platforms such as firewalls, operating systems, databases, containers, web services, data lakes, etc.

Demonstrated expertise in cybersecurity with the ability to foster security awareness across technical functions and businesses, with proven application of end-to-end cybersecurity architecture.

Advanced experience with enterprise IT processes such as patch management, release management, identity and access management, change management, etc.

In-depth knowledge of,and experience with,enterprise security standards and frameworks(e.g., SABSA, NIST CSF, ISO 27001, PCI DSS, PIPEDA, CIS, OWASP), cloud security, application security, and security architecture principles.

Proven knowledge andcurrency with emerging threats and technologies and pproficiency with security concepts and technologies (e.g., SBOM, zero-trust, disaster recovery, extended detection & response, application security posture management, identity threat detection & response, quantum cryptography, encryption, cloud-native security tools,vulnerability scanners, SAST tools, DAST tools).

Strategic influencing skills to present information, insights and recommendations to senior leadership on issues related to security standards, risks, strategies and implementation.

Demonstrated analytical and strategic thinking skills and be able to synthesize information from multiple sources to determine inter-relationships and security impacts to FSRA’s IT and business; toconduct incident investigation, forensic data analysis, and threat identification.

Proficiency in security tools, forensic analysis, and incident detection and response technologies.

Proven communication, consultative and advisory skills to act as a lead security resource and be able to communicate complex technical information to both technical and non-technical audiences while clearly articulating risk to the business.

Proven project management skills to manage corporate and cross-program security projects and initiatives.

Job Posting End Date :

09 / 04 / 2025

Job postings close at 11 : 59pm on the date noted.

Compensation Grade : Grade 07-AMAPCEO

Compensation Range : 88,496.00

128,625.00

Bargaining Unit : AMAPCEO

Job Code : Job Code : 7A001F

Employment Type :

Fixed Term (Fixed Term)

Scheduled Weekly Hours :

36.25

FSRA is committed to ensuring equity in employment. Our goal is to create a diverse, inclusive workforce that reflects the communities we serve and to ensure our services and communications are accessible to all individuals. Accommodation is available under the Ontario Human Rights Code.

NOTE : ONLY QUALIFIED CANDIDATES WILL BE CONSIDERED