Experience: 10+ years Location: Montreal Hybrid: 3 days in office
The mission of the SecDesign team is to provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial actions based on established security standards or best practices.
The SecDesign Generalist acts as an internal consultant, performing multiple security architecture and design assessments across diverse technologies. The Integrator collaborates globally with Technology, Business, Suppliers, Stakeholders, and Partners to perform SecDesign assessments.
The role also includes working with a global team to modernize the firm’s SDLC platform, enabling deployment automation to private/public cloud endpoints and SaaS‑based tooling.
Lead SecDesign deep dives with assessment requestors
Prioritize risks relative to business impact
Conduct assessments and provide technology risks/requirements across:
Authentication, Authorization, Auditing
Application Security (session security, vulnerability/Pen Testing, input validation)
Secure data transport and storage
Network Security principles
Cloud Security principles
Periodically review and update security reference architecture
Participate in Operational and Technology Risk governance processes
Identify new areas and opportunities for technology investment
Excellent written, oral, presentation, and listening skills
Ability to influence through factual reasoning
Strong time management; ability to handle multiple concurrent assessments
Delivery‑focused under short timelines and senior‑management involvement
Ability to adjust communication of technology risks vs. business risks
Required — In‑depth knowledge of application, network, and platform vulnerabilities; ability to explain them to developers
Required — Experience conducting Information Security / IT Security / Audit assessments and presenting outcomes
Required — Strong ability to review technical designs and functional requirements to identify security weaknesses
Required — Knowledge of Cloud Service Providers (AWS/Google/Azure), DevOps, CI/CD
Required — Working experience in at least three of the following domains:
Authentication: SAML, SiteMinder, Kerberos, OpenID
Entitlements & identity management
Data protection, DLP, secure data transfer/storage
Application Security (validation checking, attack methodologies)
Cryptography (encryption, hashing)
Desired — Experience administering:
Version control (Bitbucket, GitHub)
Issue tracking (Jira)
CI (Jenkins, GitHub Actions)
Release management
Desired — Knowledge of network models, risks at each layer, and functions of switches, routers, firewalls, proxies, VPNs, load‑balancers
Desired — Working knowledge of major operating systems (Unix, Windows, z/OS, Mac OS), enterprise configuration/management, platform security risks
Desired — Experience with testing tools: Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp
Required — Background in programming, design, and application architecture
Required — Experience implementing complex enterprise applications
Required — Working knowledge of:
Java, JavaScript, C#, C/C++, Perl, Python, Ruby
Desired — In‑depth knowledge of web technologies (browsers, servers, services)
Frameworks, protocols, subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate
Knowledge of JSP/Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex/Silverlight
Database design and programming experience
Experience liaising with 3rd‑party entities (exchanges, suppliers, regulators)
Experience conducting/reviewing penetration tests, dynamic/static vulnerability assessments
Understanding of geographic regulations and their impact on security assessments
Financial Services experience preferred
CISSP or other industry qualification
Desired — Experience working with global organizations
Application Security Architect • Montreal, QC, ca
A career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises.This position allo... Show more
Elevate information security for TELUS as a Senior Bilingual Security Architect on the Compliance Team.Leverage your expertise in cybersecurity and compliance to enhance government contract securit... Show more
Talent Acquisition Leader | Hiring Cloud Professionals Globally.Cloud is one of the fastest-growing (INC 5000, CRN) Cloud & SDx solution and services companies supporting enterprise customers on a ... Show more
Elevate your career with NTT DATA as an Information Security Risk Assessment Analyst in Montreal, Quebec.This role is designed for seasoned professionals passionate about enhancing security process... Show more
Security Architect / Security Controls Architect.Location: Montreal, QC, H2M 1H7, Canada.Security Architect / Security Controls Architect.Strong background in application security, API security and... Show more
Our client is hiring an SAP Security Architect.Location: Montreal or Greater Toronto Area.Workplace Type: Hybrid – Onsite 4 days/week mandatory.Salary: $117,560 to $154,300 (offers vary commensurat... Show more
EXFO develops smarter network test, monitoring, and analytics solutions for the world’s leading telecommunications service providers, network equipment manufacturers, and web-scale companies—and we... Show more
A leading cybersecurity company is seeking a PreSales Channel Security Expert in Montreal to develop joint strategies and collaborate with partners.This role requires 5-8 years of experience in tec... Show more
Join ShareGate as an Application Security Manager, focusing on integrating security in software development.This technical position combines coding with security expertise in a collaborative team e... Show more
Elevate security governance at Morgan Stanley as a Senior Security Architecture Specialist, blending remote and on-site collaboration.Your role will focus on translating compliance into actionable ... Show more
Join Securitas as an Electronic Security Architect, where your expertise will enhance client connections through innovative technology solutions.This role is central to our sales strategy for elect... Show more
Transform global security architecture as a Strategic Information Security Architect.Spearhead cloud migration security strategies while ensuring systems are secure and compliant.This pivotal role ... Show more
We are looking for a SecOps Solutions Architect to join our Advisory team and support sales and service delivery initiatives focused on the Microsoft Security Stack.This role plays a key part in he... Show more
Led by Rodolphe Saadé, the CMA CGM Group, a global leader in shipping and logistics, serves more than 420 ports around the world on five continents.With its subsidiary CEVA Logistics, a world leade... Show more
Take the lead as an Application Security Manager at Workleap, focusing on security integration in Microsoft 365 products.Your coding and security skills will be key to our innovative solutions.In t... Show more
We're seeking someone to join our team as a Senior Security Architecture Specialist in Cyber to be responsible for the security design tooling standards across the firm – translating compliance obl... Show more
You will join the Security and Risk Management department as a Solution Security Architect (also referred to as Embeds) focused on Identity and Devices topics.By integrating deeply with teams, you ... Show more
A leading investment firm in Montreal seeks an experienced Advisor, Information Security Architecture to enhance its security framework.Responsibilities include conducting risk assessments, impleme... Show more
Our parent company Iver has 1,700 employees today and is growing and now we are looking for new employees who want to join our journey.As part of Accelerate at Iver, you are at the absolute forefro... Show more
SecDesign Security Architect – Contract – Montreal, QC (Hybrid, 3 days onsite per week).The mission of the SecDesign team is to provide security architecture assessments of technology systems and p... Show more
