Experience: 10+ years Location: Montreal Hybrid: 3 days in office
The mission of the SecDesign team is to provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial actions based on established security standards or best practices.
The SecDesign Generalist acts as an internal consultant, performing multiple security architecture and design assessments across diverse technologies. The Integrator collaborates globally with Technology, Business, Suppliers, Stakeholders, and Partners to perform SecDesign assessments.
The role also includes working with a global team to modernize the firm’s SDLC platform, enabling deployment automation to private/public cloud endpoints and SaaS‑based tooling.
Lead SecDesign deep dives with assessment requestors
Prioritize risks relative to business impact
Conduct assessments and provide technology risks/requirements across:
Authentication, Authorization, Auditing
Application Security (session security, vulnerability/Pen Testing, input validation)
Secure data transport and storage
Network Security principles
Cloud Security principles
Periodically review and update security reference architecture
Participate in Operational and Technology Risk governance processes
Identify new areas and opportunities for technology investment
Excellent written, oral, presentation, and listening skills
Ability to influence through factual reasoning
Strong time management; ability to handle multiple concurrent assessments
Delivery‑focused under short timelines and senior‑management involvement
Ability to adjust communication of technology risks vs. business risks
Required — In‑depth knowledge of application, network, and platform vulnerabilities; ability to explain them to developers
Required — Experience conducting Information Security / IT Security / Audit assessments and presenting outcomes
Required — Strong ability to review technical designs and functional requirements to identify security weaknesses
Required — Knowledge of Cloud Service Providers (AWS/Google/Azure), DevOps, CI/CD
Required — Working experience in at least three of the following domains:
Authentication: SAML, SiteMinder, Kerberos, OpenID
Entitlements & identity management
Data protection, DLP, secure data transfer/storage
Application Security (validation checking, attack methodologies)
Cryptography (encryption, hashing)
Desired — Experience administering:
Version control (Bitbucket, GitHub)
Issue tracking (Jira)
CI (Jenkins, GitHub Actions)
Release management
Desired — Knowledge of network models, risks at each layer, and functions of switches, routers, firewalls, proxies, VPNs, load‑balancers
Desired — Working knowledge of major operating systems (Unix, Windows, z/OS, Mac OS), enterprise configuration/management, platform security risks
Desired — Experience with testing tools: Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp
Required — Background in programming, design, and application architecture
Required — Experience implementing complex enterprise applications
Required — Working knowledge of:
Java, JavaScript, C#, C/C++, Perl, Python, Ruby
Desired — In‑depth knowledge of web technologies (browsers, servers, services)
Frameworks, protocols, subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate
Knowledge of JSP/Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex/Silverlight
Database design and programming experience
Experience liaising with 3rd‑party entities (exchanges, suppliers, regulators)
Experience conducting/reviewing penetration tests, dynamic/static vulnerability assessments
Understanding of geographic regulations and their impact on security assessments
Financial Services experience preferred
CISSP or other industry qualification
Desired — Experience working with global organizations
Security Design Architect - Application and Cloud Security • Montreal, QC, ca
Job Title -Security Awareness Engineer – ZenGuide / Proofpoint (L3 / SME).We are seeking a highly skilled.L3 Security Awareness Engineer.Security Awareness Program using.This role goes beyond compl... Show more
A digital health company is seeking a Senior Security Specialist in Montreal to lead security architecture and manage incidents across cloud environments.Responsibilities include developing securit... Show more
A leading investment management firm is looking for a Cloud Security Engineer to design and implement secure cloud environments on AWS and Azure.The role requires expertise in cloud security and co... Show more
With 40 years of expertise, LGI Healthcare Solutions develops technological software for the healthcare network.We specialize in providing solutions for clinical, financial and material management,... Show more
Lead advanced cybersecurity initiatives with Mandiant as a Principal Forward Deployed Cloud Security Architect.Engage in designing secure cloud environments while interacting with Canada's nati... Show more
Inclusion without Exception: Tata Consultancy Services (TCS) is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity,... Show more
ELITS - Part of Accelerate at Iver.Notre société mère, Iver, compte aujourd’hui 1700 employés et poursuit sa croissance.Nous sommes maintenant à la recherche de nouveaux talents souhaitant se joind... Show more
Become a leader in secure application architecture as a Senior Security Architect.Focus on developing comprehensive security strategies to ensure the integrity of cloud-based solutions.This senior ... Show more
Our parent company Iver has 1,700 employees today and is growing and now we are looking for new employees who want to join our journey.As part of Accelerate at Iver, you are at the absolute forefro... Show more
As a senior business strategy advisor, you help develop plans and business intelligence; monitor business plans and performance; set targets; identify opportunities to improve service delivery; and... Show more
Transform global security architecture as a Strategic Information Security Architect.Spearhead cloud migration security strategies while ensuring systems are secure and compliant.This pivotal role ... Show more
The L3 Security Awareness Engineer is responsible for owning and driving enterprise wide Security Awareness using Proofpoint Zen Guide.This role focuses on behaviour change, human risk reduction, a... Show more
A leading cybersecurity solutions company is seeking a Cybersecurity Specialist (GCP) to enhance their Cybersecurity Program.The role involves developing comprehensive security strategies in cloud ... Show more
We are a software‑focused IT solutions and services provider that equips organizations to be agile and innovative, and for their people to be engaged, connected, and creative at work.That means mov... Show more
We are currently hiring a \"Data Protection & Cyber Resilience Architect\" for one of our client based out in Canada.Please apply if you are interested.Title: Data Protection & Cyber Resilience Arc... Show more
Title – Security Awareness Engineer Zenguide / Proofpoint.The L3 Security Awareness Engineer is responsible for owning and driving enterprise wide Security Awareness using Proofpoint ZenGuide.This ... Show more
Senior Role – Data Protection & Cyber Resilience Architect (IBM / Hybrid Platform).Leads the architecture, modernization, and integration of enterprise data protection and cyber resiliency platform... Show more
A healthcare technology company is seeking an experienced Security Architect responsible for designing and implementing security within their architecture.The role involves collaborating with cross... Show more
Lead application security initiatives as a Lead Application Security Architect.Oversee the integration of security standards in web, mobile, API, and microservices, driving continuous improvement a... Show more
A technology consulting company is seeking a Cyber Security Solutions Architect to deliver secure, scalable technology solutions.This remote position requires significant expertise in IT, particula... Show more
){kind=logo}
