Security Architect (ID#4888)

New Value Solutions, a national IT consulting company, is seeking a Security Architect to join the Cyber Security and Risk Management Branch of the organization. The ideal candidate will have extensive experience at a senior level in the following, including, but not limited to:

• Information Security standards (ISO 27001) and frameworks.
• Security architecture components and controls.
• Defense-in-depth security practices.

Responsibilities:

• Participate in technical architecture design reviews to ensure infrastructure and application designs adhere to security policies, guidelines, and standards.
• Collaborate with the Solution Architects and vendors in identifying cloud security requirements and secure integration of Applications, Endpoint, Network, and Cloud solutions.
• Analyze the current IT environments to detect critical security deficiencies, identify gaps in processes and recommend solutions for improving security posture.
• Keep up-to-date on security industry best-practices and market trends, determine their potential impact on the enterprise, and provide leadership for adapting security advancements into the business.
• Evaluate emerging technologies and suggest suitable security controls. Be responsive and decisive on adjusting architecture as per customers' requirements, market conditions and technology evolve.
• Partner with solutioning team to facilitate the evaluation and selection of hardware, software technology and cloud solutions, as well as document the security architecture design of software and solution configurations.
• Ensure existing data/information assets are identified, classified, and protected across the enterprise. Balance the need for access to information against security and performance requirements.
• Ensure information security is built into architecture solutions to address all identified risks to assets within the organization, meet regulatory and legislative compliance while ensuring security solutions are leveraged across the organization.
• Prepare security advisory on existing technology platforms.
• Aid and support to the Security Risk, Governance, Compliance, and Operations functions.
• Provide advisory for security vulnerability remediation and risk mitigation.

Requirements:

• 8+ years of experience as a Security Architect.
• Experience performing information security design assessments & gap analysis.
• Experience designing and implementing defense-in-depth information security controls and concepts for critical application and data environments.
• Experience designing and implementing for cybersecurity maturity programs/projects.
• Demonstrated experience in the application of ISO 27001/2 standards and/or other security compliance frameworks.
• Demonstrated track record of successfully performing security reviews to ensure adherence with security guidelines and standards.
• Demonstrated experience working collaboratively with other project participants to identify security requirements for infrastructure and application environments including securing the integration of endpoint, network, and cloud solutions.
• Working experience with information security tools and concepts such as IAM, SSO, IPS/IDS, wireless security, firewalls, vulnerability management, penetration testing, VPN, PKI, LDAP, AD, SAML, SIEM.
• Demonstrated understanding and working experience with web technologies such as application servers and cloud services.
• A self-starter with professional accountability.
• Communication skills, with the ability to present ideas, strategies, theories and plans to all levels of the organization in a manner consumable for the audience.
• Organizational skills, with the ability to multitask and set clear timelines for expected deliverables.
• Collaborative skills and a consultative approach with the capability of problem solving.
• Achievement of industry accredited security certifications: such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP) plus The Open Group Architecture Framework (TOGAF), and/or SANS Institute Global Information Assurance Certification (GIAC) will be considered an asset.

If you have this expertise and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.

ID# 4888

The hourly rate range for this position is $90-$115, with the final rate based on consultant experience and fit for the role.