Talent.com
Security Architect (SecDesign Integrator – Cloud & App Security)
Security Architect (SecDesign Integrator – Cloud & App Security)Astra North Infoteck Inc. • Laval, Qc
No longer accepting applications
Security Architect (SecDesign Integrator – Cloud & App Security)

Security Architect (SecDesign Integrator – Cloud & App Security)

Astra North Infoteck Inc. • Laval, Qc
30+ days ago
Job type
  • Full-time
Job description
Security Architect (SecDesign Integrator – Cloud & App Security)

Experience: 10+ years

Location : Montreal

Hybrid: Required 3 days in office

Job Description
The mission of the SecDesign team is to provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices. The SecDesign Generalist is an internal consultant that is working on multiple security architecture and design assessments spanning multiple classes of technologies. It is an opportunity to get involved in multiple business units and technologies inherent to the mission of SecDesign. The Integrator works with team members (Technology, Business, Suppliers, Stakeholders and Partners) globally to perform SecDesign assessments. To be successful as an Integrator the candidate must have broad technology experience coupled with risk management, communication, and time management skills. The candidate will also be working with a global team of experts on modernizing the Firm’s SDLC platform to enable deployment automation to private and public cloud endpoints and SaaS-based tooling. This role affords the opportunity to get in on the ground floor to help build the next generation of development and deployment tooling across a diverse set of tech stacks for the next decade

A SecDesign Generalist has the following responsibilities:
1. Lead SecDesign deep dives with the requestor of the assessment.
2. Prioritize risks identified in relation to business risks.
3. Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
a. Authentication, Authorization, Auditing
b. Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation
c. Secure data transport and storage
d. Network Security Principles and best practices.
e. Cloud Security Principles and best practices
1. Periodically review security reference architecture (security blueprints) and conduct updates/enhancements.
2. Participate in various Operational and Technology Risk governance processes.
3. Assist in identifying new areas and opportunities of technology investment for the firm.
Skills and Experience
Soft Skills (Required)
1. Excellent communication skills: written, oral, presentation, listening.
2. Ability to influence through factual reasoning.
3. Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking.
4. Strong focus on delivery when presented with short timelines and increased involvement from senior management.
5. Ability to adjust communication of technology risks vs business risks based on the audience.

Security Architecture Skills
1. Required – In depth knowledge of application, network, and platform security vulnerabilities. Ability to explain these vulnerabilities to developers.
2. Required – Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in.
3. Required – Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
4. Required – Knowledge of Cloud Service Providers (AWS/Google/Azure) cloud, DevOps and CI/CD
5. Required – The candidate must have working experience in at least three of the following application/network security domains:
a. Authentication: SAML, SiteMinder, Kerberos, OpenId
b. Entitlements and identity management
c. Data protection, data leakage prevention and secure data transfer and storage
d. App Security - validation checking, software attack methodologies.
e. Cryptography – encryption and hashing
6. Desired - Prior experience administering systems for version control (Bitbucket, Github), issue tracking (Jira), continuous integration (Jenkins, Github Actions), or release management.
7. Desired – Knowledge of standard network model and the risks that present at each layer, the functions of network equipment such as switches, routers, firewalls, proxies, VPNs, and load-balancers, and understanding of common network architectures.
8. Desired - The candidate must have working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks.
9. Desired - experience in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp
Development Experience
1. Required – Even though the SecDesign Integrator role is not a development role, the candidate must have previous background in programming, design, and application architecture.
2. Required – In order to be a practical SecDesign Integrator the candidate must have experience implementing complex applications in an enterprise environment.
3. Required – working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby
4. Desired – In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services
Other Areas of Expertise
1. Frameworks, protocols, and subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate.
2. Knowledge of JSP /Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.
3. Database design and programming experience
4. Experience of liaising with 3rd Party Entities (exchanges, suppliers, regulators)
5. Experience in conducting and / or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments.
6. Understanding of geographic regulations and their impact on Security assessments
7. Previous experience in Financial Services is preferred.
8. CISSP or other industry qualification
9. Desired – experience working with global organizations.

Create a job alert for this search

Security Architect (SecDesign Integrator – Cloud & App Security) • Laval, Qc

Similar jobs

Senior Security Architect - Remote, Equity, Impact

CliniaMontreal
Remote
Full-time

A digital health company is seeking a Senior Security Specialist in Montreal to lead security architecture and manage incidents across cloud environments.Responsibilities include developing securit...Show more

 • Promoted

Senior Enterprise Architect – Cloud Data & Security Remote

Insight Enterprises, Inc.Montreal, Montreal (administrative region), CA
Remote
Full-time

Une entreprise technologique de premier plan cherche un Architecte d'Entreprise à Calgary.Ce rôle exige un leader technique senior capable de gérer des projets complexes et de collaborer avec des c...Show more

 • Promoted

Senior Cloud Security Architect

LGI Healthcare SolutionsMontreal (administrative region), QC, CA
Full-time

With 40 years of expertise, LGI Healthcare Solutions develops technological software for the healthcare network.We specialize in providing solutions for clinical, financial and material management,...Show more

 • Promoted

AI Security Architect & Growth Leader

HumanagencyMontreal, Montreal (administrative region), CA
Full-time

A forward-thinking tech company is seeking a Chief Information Security Officer (CISO) to define and execute security strategies focusing on AI systems.This hands-on position requires deep experien...Show more

 • Promoted

Senior Tech Architect - Secure Cloud & Integration (Remote)

KyndrylMontreal (administrative region), QC, CA
Remote
Full-time

A leading technology services firm is seeking a Senior Technology Architect to design secure, enterprise-level access solutions for a public sector client based in Ottawa.This remote role requires ...Show more

 • Promoted

Cloud Security Architect

Elits Canada Inc.Montreal (administrative region), QC, CA
Full-time

Our parent company Iver has 1,700 employees today and is growing and now we are looking for new employees who want to join our journey.As part of Accelerate at Iver, you are at the absolute forefro...Show more

 • Promoted

Cloud Security Architect for Global Strategies

ColliersMontreal (administrative region), QC, CA
Full-time

Shape security architecture for a global landscape as a Cloud Security Architect.Lead initiatives in cloud migration while implementing advanced security measures across platforms like GCP and Azur...Show more

 • Promoted

Experienced M365 Solutions Architect for Cloud Collaboration and Security

Cambay SolutionsMontreal (administrative region), QC, CA
Full-time

Drive enterprise collaboration and security as an expert M365 Solutions Architect.Design, implement, and optimize Microsoft 365 solutions for improved productivity and compliance in a remote-capabl...Show more

 • Promoted

Cybersecurity Architect Driving Security for Dental Labs Worldwide

EviSmartMontreal, Montreal (administrative region), CA
Full-time

Become a pivotal player as the Cybersecurity & Platform Security Lead, tasked with architecting security measures for dental labs' digital infrastructure.Your direct involvement will ensure safety ...Show more

 • Promoted

Solutions Security Architect - Cloud Networks

Ubisoft EntertainmentMontreal (administrative region), QC, CA
Full-time

Solutions Security Architect - Cloud Networks.Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin’s Creed, Rainbow Six...Show more

 • Promoted

Cloud Security Architect

ELITSMontreal (administrative region), QC, CA
Full-time

ELITS - Part of Accelerate at Iver.Notre société mère, Iver, compte aujourd’hui 1700 employés et poursuit sa croissance.Nous sommes maintenant à la recherche de nouveaux talents souhaitant se joind...Show more

 • Promoted

Remote Cloud Security Architect: DevSecOps & Risk Leader

Intuitive.aiMontreal (administrative region), QC, CA
Remote
Full-time

A leading cybersecurity solutions company is seeking a Cybersecurity Specialist (GCP) to enhance their Cybersecurity Program.The role involves developing comprehensive security strategies in cloud ...Show more

 • Promoted

Enterprise Architect Transforming Client Operations in Cloud and Security

InsightMontreal (administrative region), QC, CA
Full-time

Take the lead in technological transformations as an Enterprise Architect.Drive initiatives in cloud, security, and data modernization while cultivating executive-level client relationships remotel...Show more

 • Promoted

Lead Security Engineer Driving Cloud Security and Risk Management

MimicaMontreal (administrative region), QC, CA
Full-time

Shape the future of security as a Lead Security Engineer focused on cloud-native platforms.Oversee critical security initiatives to enhance organizational security posture in a dynamic environment....Show more

 • Promoted

Salesforce Solutions Architect – Integrations & Security

Intellibee IncMontreal (administrative region), QC, CA
Full-time

A technology solutions provider is seeking a Salesforce Solutions Expert to design and implement secure, scalable Salesforce solutions.The candidate must have several Salesforce certifications and ...Show more

 • Promoted

Remote Security Architect - Cloud & App Security Lead

AGFA HealthCareMontreal (administrative region), QC, CA
Remote
Full-time

A healthcare technology company is seeking an experienced Security Architect responsible for designing and implementing security within their architecture.The role involves collaborating with cross...Show more

 • Promoted

Innovative Director for Cloud Solution Architecture and Security

FortinetMontreal (administrative region), QC, CA
Full-time

Become the key architect and innovator within a transformative cloud solutions environment.This director role emphasizes strategic planning and security integration for extensive cloud projects tha...Show more

 • Promoted

Cloud Security Architect – Integrations & Infrastructure

CMA CGMMontreal
Full-time

A global shipping company in Montreal is looking for a skilled Security Engineer to join their Global Cybersecurity team.The role involves designing and implementing security solutions, performing ...Show more