Security Architect

Job Description

Security ArchitectWe’re a naan traditional company…

Summary

Reporting to the VP, IT Risk Management, you will be responsible for the FGF Brands Group in assessing, designing, and guiding the implementation of network, software and computer security structures and identify opportunities for process and continuous improvement while optimizing the security apparatus.

The successful candidate will develop a complete understanding of the organization’s systems, networks, risk appetite, maintaining key relationships within the IT Organization, and develop robust security practices to ensure the journey of the organization towards frameworks such as CIS and NIST frameworks.

What FGF Offers:

• FGF believes in Home Grown Talent, accelerated career growth with leadership training. Unleashing Your Potential
• Competitive Compensation, Health Benefits, & a generous flexible medical / Health spending account
• RRSP matching program
• Tuition reimbursement
• Discount program that covers almost everything under the sun - Restaurants, gyms, shopping etc

Primary Responsibilities

• Collaborate with VP, IT Risk Management to establish an effective cyber security risk management program.

• Plan, research, and develop robust security architectures for systems and networks and define security assurance requirements based on industry standards and cyber security policies and practices

• Define and review technology and information systems, and ensure security requirements are met often crossing multiple technology domains

• Recognize appropriate disaster recovery plans and business continuity functions, including any failover or backup requirements for system restoration

• Research current and emerging technologies to understand capabilities of required networks or systems

• Supervise vulnerability testing, conduct risk analyses and security assessments and provide remediation guidance.

• Ensure the acquired or developed systems and architectures are consistent with FGF Groups’ cyber security policies and practices

• Perform security reviews and identify gaps or determine the capability of security architectures, integrations and designs (e.g. firewall, virtual private networks, routers, servers, etc.), and develop a security risk management plan

• Conduct User or Departmental training camps/seminars/presentations to disseminate pertinent security information/training when a cyber security situation demands

• Document and address FGF’s information security, cyber security architecture, and systems security engineering requirements throughout a system life cycle

• Prepare technical reports that document the architecture development process

• Advise the leader on security requirements and risk management process activities

• Support incident management and post-analysis advising on recovery operations

• Develop, deliver, and oversee related cyber security training material and educational efforts related to role

• Ensure compliance with the changing laws and applicable regulations

• Other tasks as assigned within the scope of security and controls

Requirements of the Role:

• Technical expertise with ability to execute projects in a fast-paced environment.

• Ability to collaborate with various teams, especially IT Infrastructure team and liaise with various business departments.

• Outside the box thinking skills to ensure security in spite of various restrictions and limitations

• Articulate technical scenarios with senior leaders in a manner to gain trust and acceptance

• Attention to detail

Technical Skills:

• Network security, encryption, identity & access management (IAM).

• Secure SDLC, threat modeling, security frameworks (NIST, ISO 27001, MITRE ATT&CK)

• Cloud security (AWS, Azure, GCP)

• Tools: SIEMs, firewalls, VPNs, EDR/XDR, container security, Identity and Accesss Management (IAM)

• Zero Trust architecture

• Risk Assessment & Threat Modeling

• Secure SDLC

Experience:

• 8-10+ years in IT, with at least 3-5 years focused on cybersecurity.

• Hands-on experience designing secure systems, networks, or applications

• Exposure to Zero Trust Architecture, cloud security, DevSecOps, and IT risk management

Education and Professional Certifications:

• Bachelor’s degree in computer science, Information Security, Engineering, or a related field.

• Master’s degree (optional but advantageous) in Cybersecurity, Information Systems, or Technology Management.

• SABSA or TOGAF; CISSP, CISM, and/or GIAC Enterprise Security Architect (GSEA) or Security Essentials (GIAC)

• Azure Security Engineer Associate

What is the recipe for a great career at FGF? Working at FGF Brands, there is never a dull moment! As a successful company that is continually growing there is always challenging yet rewarding work to be a part of.We have an entrepreneurial spirit which encourages all our team members to use their own creativity and out of the box thinking to come up with solutions and new ideas.

In compliance with Ontario’s Bill 190, we confirm that this posting represents a current, existing vacancy within our organization.

Disclaimer: The above describes the general responsibilities, required knowledge and skills. Please keep in mind that other duties may be added or this description may be amended at any time.

IT

#LI-ONSITE

#LI-SS2