Senior Enterprise Security ArchitectAAAI Press • Thorold, Niagara Region, CA

Senior Enterprise Security Architect

AAAI Press • Thorold, Niagara Region, CA

Il y a 8 jours

Type de contrat

Temps plein

Description de poste

Job Summary

Reporting to the IT Security Manager, the Senior Enterprise Security Architect is responsible for leading the technical design, strategy, and overall insight related to the planning and implementation and validation of new or updated enterprise security environments and services. This role is responsible for leading the logistical development and integration of network and security policies and systems across the IT department, as well as ensuring strategic alignment of enterprise IT standards, practices, and policies. This position will also assess, design, develop, and implement various security, network, threat, vulnerability and incident response disciplines, shared services solutions, and will also be the primary subject matter expert for security related requests.

Important Notices

This position currently falls within our hybrid model, allowing the employee to typically work a minimum of 50% of your time at your regular work location and the other 50% of time at home.

Education

Bachelor’s degree in information technology, Computer Science or related discipline

Post-Secondary courses in any of the following : computer forensics and security, cloud architecture and security is preferred.

One or more cyber security certifications (CISSP, CISM, CEH, CCSP, CSSLP, OSCP,) is preferred

One or more architecture certifications (Azure Solutions Architect, Azure Cyber Security Architect, SABSA, TOGAF, CISSP-ISSAP) is preferred

Microsoft Azure Network Engineer, Azure Security Engineer Associate is considered an asset

PMP certification is considered an asset

An equivalent combination of education and experience may be considered.

Knowledge

10 years’ experience in Information Systems and Technology in a medium-to-large-sized data center and network security and design environment focused on :

Microsoft products, such as Entra, Active Directory, Windows Operating Systems, , Office Productivity Suites, Security Product Suites,

Network appliances and technologies i.e. CISCO, Aruba,VPN, Load Balancing, NAC Security appliances and technologies i.e. NextGen Firewalls (NGFW), Web Application Firewall (WAF), , PAM, Vulnerability Management tools, Exposure Management solutions, and Web Application Scanning tools

Threat Management technologies i.e. Cortex XDR, Microsoft XDR, SIEM solutions (e.g. Azure Sentinel, Splunk), external threat monitoring tools, and SOAR / AI technologies

5 years of experience in disaster recovery planning and incident response planning.

In-depth knowledge of data center environments and security related tools and technologies, security best practices and policies, and IT compliance and regulations.

5 years of project leadership or management experience is preferred.

In-depth knowledge of Security Operation Centers (SOC).

Experience with PCI-DSS compliance.

Experience in monitoring the threat landscape, mapping potential applicable threats, and ethical hacking methodologies, including threat hunting methods

Experience with application security, and programming / scripting skills using Python, PowerShell, and other programming languages

Experience in vulnerability assessment of end points, switches, routers, gateways, servers, storage, storage area networks, firewalls, applications, web services, cloud services, etc.

Experience with Azure Cloud technologies, and cloud security products (CASB, SASE, SSE) including email security

Maintain currency of knowledge on current and emerging security trends, including but not limited to cloud-based services, IoT, etc.

Understanding of IT information, process, system, technology architectures and models

Good oral, written, interpersonal and organizational skills

Strong analytical, reasoning and problem-solving skills

Responsibilities

IT Security Strategy and Design (25% of time)

Designs, implements, and provides on-going support of enterprise-wide infrastructure architecture(s) and data / security systems integrations.

Provides security related planning and technical direction and consultation for data center and disaster recovery sites, including : wide area network, server infrastructure, storage, backup, disaster recovery .

Evaluate, identify, document, and assess process functions, security weaknesses, vulnerabilities and controls.

Coordinates and leads the development of business case proposals for IT Security initiatives in conjunction with input by other IT peers and departments.

Provides key concepts and expertise towards the development of long-term security strategies to ensure the confidentiality, integrity, and availability of the overall enterprise IT infrastructure .

Acts as technical lead and participates in committees and work groups across areas and departments to address specific projects and issues.

Provides IT Security architectural expertise, advice, direction, and assistance to the IT team.

Disaster Recovery, Business Continuity and Incident Response – Design and Problem Solving (20% of time)

Ensures the availability of all critical corporate infrastructure technologies and highly sensitive data such as Financial Systems, Microsoft Messaging, mobile device management services and all externally public facing systems hosted at and for the Region.

Collaborates in the architectural design and implementation of complex enterprise disaster recovery plans in accordance with established recovery time objectives and recovery point objectives.

Identifies vulnerable areas within the Region’s critical infrastructure functionalities and provide / execute on those recommendations.

Recommends and implements disaster avoidance and business impact reduction strategies.

Directs and coordinates staff and other departmental key staff for testing of disaster recovery and incident response playbook strategies.

Develops and leads the implementation of an incident reporting system as it relates to the network and system security infrastructure.

Security Network and Administration – Design and Strategy (10% of time)

Champions network design and administration tasks for the primary and secondary disaster recover sites, and develops the guiding principles and framework which establishes network and integration standards, continuous improvement methods, and security models

Designs network solutions for the Niagara Region or external invested parties, ensuring the integrity, security, and safeguarding of data is completed by applying a complex set of disciplines in the process. Incorporates and uses the base foundation of the CIA (availability, integrity, and confidentiality) model to mitigate data leakage risks, or exposure of Niagara Region’s network and server systems internally or externally

Designs and implementation of security tools with data, performance and availability in mind to minimize traffic bottlenecks, and to ensure appropriate sizing .

Leads the research on emerging products, services, protocols, and standards in support of contingency planning and development efforts and recommends technologies that will increase cost effectiveness, systems flexibility, integrate seamlessly into the enterprise environment.

Security and Administration – Design, Implementation and Operation (30% of time)

Defines security frameworks for existing and new systems which include developing, implementing, maintaining policies, standards, guidelines, and procedures.

Establishes, and implements a breach management policy and response plan. Deals with issues that are abstract in nature, and not easily identifiable.Able to disseminate changing data on the fly, in order to thwart any given attack method utilized.Identifies and assembles ad-hoc mitigation plans when required.

Designs and defines methods to ensure encryption standards are formulated and standardized in order to safeguard data integrity and confidentiality.

Monitors security logs from technical security controls for intrusion detection.

Determines and implement log aggregation and analysis strategies for distributed system and network security devices.

Actively recommend changes to establish methods and procedures, suggests alternative solutions and new methods to improve quality and increase productivity.

Works with IT team to design, co-ordinate, and direct activities to implement and maintain a network security infrastructure including wired and wireless systems and handheld mobiles, against internal and external intrusion threats.

Implements security services (firewalling, EDR – endpoint detection / response), identities and accesses management products (PAM), anti-virus, anti-spam, trusted time sources, content management, file integrity tools, audit and IDS products, and encryption tools.

Performs Cyber Threat and Vulnerability management tasks in accordance with established programs and directed by the IT Security Manager

Conducts regular review of Indicators of Attack (IoAs) and Indicators of Compromise (IoCs) derived from all available sources (e.g., SIEM, NGFW, Logs from Systems and Security Tools) to assess the real and material threats and vulnerabilities

Performs ethical hacking activities at the direction of management, as well as perform programming, and related scripting duties

Tunes the SIEM, and all security related tools to recognize real and actionable threats from security information and events collected

Creates playbooks to automate the response for actionable threats and link them to risk objects

Optimizes the collection, processing, and analysing parameters to improve the efficiency of the SIEM, XDR, and security technologies

Creates and evolve new / existing rules in security tools to accommodate new and evolving threats

Performs proactive threat hunting in a systemic and iterative manner throughout the environment to detect and isolate threats

Performs threat-based risk assessments on systems and services and effectiveness of controls

Assesses discovered / identified threats, obtained through subscribed feeds and recommend appropriate actions to reduce exposure and ensuring risks remains within the tolerance levels

Reviews, develop and report on appropriate metrics for the Threat / Vulnerability Management solutions, performance, exception and compliance and ensure continuous improvements of such metrics

Develops and document guidelines, processes and procedures for review and approval and implement approved procedures to secure IT environment

Liaises between departments to develop and implement approved security standards and guidelines

Maintains broad awareness of threat and vulnerability trends including changes to legislations and regulatory frameworks

Raises awareness of good security practices to all levels of the organization and perform security awareness and learning duties as directed

Advises on security practices for all IT projects as required

Policy and Guiding Principles Development (15% of time)

Develops policies (i.e. Incident Response, Data Encryption policies), including the research, analysis, consultation and synthesis of information to produce the recommendations.

Enforces data center security guidelines, processes, policies and change controls to promote the stability, efficiency, and effectiveness of regional infrastructure.

Informs and mentors other staff members on their responsibilities concerning IT business policies and procedures, and accompanying emergency response documentation.

Ensures effective corporate and regional policies and standards are followed, in co-ordination with current network internal / external controls.

Contributes to the creation and sustainment of technology frameworks (e.g. regional / corporate architectures, methodologies, tools, techniques and standards).

Assist and provide input into policies and processes around data security and business continuity, with a focus on best practices and techniques.

Perform other related duties and responsibilities as assigned or required.

Special Requirements

In accordance with the Corporate Criminal Record Check Policy, the position requires the incumbent to undergo a Criminal Records Check and submit a Canadian Police Clearance Certificate.

Must maintain ability to travel in a timely manner to other offices, work locations or sites as authorized by the Corporation for business reasons.

May be required to support emergency operations under the incident management structure, at the direction of the Emergency Operations Centre Director

Regional staff strive to enable the strategic priorities of council and the organization through the completion of their work. Staff carry out their work by demonstrating the corporate values.

#J-18808-Ljbffr

Créer une alerte emploi pour cette recherche

Enterprise Architect • Thorold, Niagara Region, CA

Offres similaires

Senior Enterprise Security Architect

AAAI Press • Thorold

Temps plein

Dernière mise à jour : il y a 2 jours • Offre sponsorisée

Business Intelligence Architect Developer - EXL

EXL • st catharines, on, ca

Temps plein

We are seeking a highly skilled.Business Intelligence Architect / Developer.The ideal candidate will have strong expertise in. Design, develop, and maintain BI reports, dashboards, and visualizations ...Voir plus

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

Senior Enterprise Security Architect

Niagara Region • Thorold

Temps plein

Dernière mise à jour : il y a 23 jours • Offre sponsorisée

AEP Architect - Galent

Galent • st catharines, on, ca

Temps plein

We are seeking a motivated Junior Solution Architect to support the design and implementation of marketing solutions within the Adobe Experience Cloud ecosystem, with a focus on Adobe Experience Pl...Voir plus

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

Collision Center Manager

CSN Collision • Saint Catharines, ON, Canada

Temps plein

CSN Collision safely repairs more than 200,000 vehicles a year helping Canadians get back on the road with the trust and comfort of knowing their vehicle has been returned to like new condition.Sin...Voir plus

Dernière mise à jour : il y a plus de 30 jours • Offre sponsorisée

Microsoft Dynamics 365 Architect - st catharines

Evolvous Limited • st catharines, on, ca

Temps plein

Title : Senior Microsoft D365 Solution Architect (Pre-Sales exp needed).Must be legally eligible to work in Canada.Interview Process : Will have to attend an interview in-person (Total 3 rounds of In...Voir plus

Dernière mise à jour : il y a 10 heures • Offre sponsorisée • Nouvelle offre

Technical Business System Analyst - Signature IT World Inc

Signature IT World Inc • st catharines, on, ca

Temporaire

Required Skills & Qualifications.Technical Business Systems Analyst.Oracle PLSQL DB and Java-based enterprise applications. Strong SQL skills for data analysis and validation.Experience with REST AP...Voir plus

Dernière mise à jour : il y a 16 heures • Offre sponsorisée • Nouvelle offre

Senior Java Software Engineer - Ascendion

Ascendion • st catharines, on, ca

Temps plein

Ascendion is a full-service digital engineering solutions company.We make and manage software platforms and products that power growth and deliver captivating experiences to consumers and employees...Voir plus

Dernière mise à jour : il y a 12 heures • Offre sponsorisée • Nouvelle offre

Stormwater Management Engineer

UCC • Saint Catharines, ON, Canada

Temps plein +1

Salary : $45,000 - $60,000 for junior, up to $120,000 for intermediate • Work on a variety of local projects with an end result you can see • Opportunities to deepen your kno...Voir plus

Dernière mise à jour : il y a plus de 30 jours • Offre sponsorisée

Business Intelligence Architect Developer

EXL • st catharines, on, ca

Temps plein

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

Business Intelligence Architect Developer - st catharines

EXL • st catharines, on, ca

Temps plein

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

Affiliates BD Manager / Leader (Crypto Exchange, North American Market)

Toobit • st catharines, on, ca

Temps plein

As a Business Development Manager / Leader, you will be responsible for building and managing relationships with key affiliates, KOLs, and trading partners in your region. You will bring in high-quali...Voir plus

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

AEP Architect

Galent • st catharines, on, ca

Temps plein

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre

Manager

Tim Hortons • Saint Catharines, ON, Canada

Temps plein

Join our growing team! We are looking for a Restaurant Manager!.As a Restaurant Manager, you are an enthusiastic role model and motivate team members to deliver exceptional service for every guest,...Voir plus

Dernière mise à jour : il y a plus de 30 jours • Offre sponsorisée

Enterprise Account Executive

Network Talent • st catharines, on, ca

Temps plein

Enterprise Account Executive – Canada.Established over two decades ago, our client is a global HRTech powerhouse trusted by some of the world’s most recognisable brands, including Samsung, CVS and ...Voir plus

Dernière mise à jour : il y a 25 jours • Offre sponsorisée

Project Manager

Next Match AI • st catharines, on, ca

Temps plein

Project Manager – AI & Digital Projects.Toronto, ON (Hybrid / Remote-Friendly).CAD per year (Commensurate with experience). Our AI platform connects verified candidates directly to employers’ system...Voir plus

Dernière mise à jour : il y a 16 heures • Offre sponsorisée • Nouvelle offre

Microsoft Dynamics 365 Architect

Evolvous Limited • st catharines, on, ca

Temps plein

Dernière mise à jour : il y a 10 heures • Offre sponsorisée • Nouvelle offre

Affiliates BD Manager / Leader (Crypto Exchange, North American Market) - Toobit

Toobit • st catharines, on, ca

Temps plein

Dernière mise à jour : il y a 18 heures • Offre sponsorisée • Nouvelle offre