Talent.com
Astra North Infoteck Inc.
Threat Modeler / Security Architect – AI Security, Cloud & DevSecOpsAstra North Infoteck Inc. • Toronto, ON, ca
Threat Modeler / Security Architect – AI Security, Cloud & DevSecOps

Threat Modeler / Security Architect – AI Security, Cloud & DevSecOps

Astra North Infoteck Inc. • Toronto, ON, ca
3 days ago
Job type
  • Full-time
  • Quick Apply
Job description
Job Description

Threat Modeler / Security Architect – AI Security, Cloud & DevSecOps

Must Have Technical/Functional Skills

Security Architecture & Threat Modeling

• Threat Modeler and Security Architect with a strong development background.
• Experience in Artificial Intelligence, Machine Learning, and Data Science with expertise in enterprise architecture, AI product security, and digital transformation.
• Strong hands-on experience with cloud-native architectures, including AWS and GCP.
• Experience with secure AI system development, AI governance, and cybersecurity best practices.
• Experience with threat modeling frameworks, attack vectors, and vulnerability analysis, including:
• CAPEC
• ATT&CK
• STRIDE

Application Security & DevSecOps

• Experience with application security controls across:
• Web applications
• APIs
• Mobile applications
• AI systems
• Knowledge of security frameworks and standards, including:
• NIST 800-53
• NIST Cybersecurity Framework (CSF)
• OWASP ASVS
• Experience with Application Security design and DevSecOps practices.
• Full-stack knowledge of application architectures, including:
• Single Page Applications
• REST APIs
• SOAP APIs
• Mobile applications
• Experience with:
• Java
• JavaScript
• Mobile application development

Database, Cloud & Identity Security

• Knowledge of database architectures, including:
• Oracle
• SQL
• DB2
• NoSQL databases
• Experience with cloud security architecture, design, implementation, and operations.
• Exposure to IAM controls, including:
• OAuth 2.0
• OIDC
• JWT
• Strong understanding of cryptography controls:
• Data at rest
• Data in motion

Certifications

• Preferred certifications:
• CISSP
• CISM
• CSSLP
• CISA
• CRISC
• OSCP

Key Responsibilities

Threat Modeling & Security Assessment

• Conduct security risk assessments of applications based on system design and application code implementation.
• Develop and manage security governance processes and procedures for:
• Threat modeling programs
• Application security design
• DevSecOps programs
• Assist in developing threat modeling governance documentation.
• Develop reports for management related to:
• Residual risk
• Non-compliance
• Review security controls with application owners to ensure requirements are implemented.
• Validate security control implementation against scanning tool outputs to support auditability and verification.

Security Governance & Compliance

• Work with information security leadership to develop strategies and plans to enforce threat modeling and address control gaps.
• Monitor and track compliance with application owners to ensure security controls are implemented as planned.
• Assist application teams with security standard exceptions identified through threat modeling.
• Develop and define security metrics and criteria for information security programs.

Secure Design & Engineering Enablement

• Develop, maintain, update, and enhance:
• Secure design patterns
• Secure coding standards
• Threat libraries
• Socialize secure design patterns and secure coding standards with engineering teams.
• Provide threat modeling consultation and guidance to application teams.
• Enable strong developer and customer experience while collaborating with application teams.
• Develop innovative attack techniques to evaluate protective designs and existing mitigations.

Security Strategy & Architecture

• Participate in developing strategies for information security processes and programs.
• Document current and future state security capabilities using industry-leading technologies to improve IT risk management and data protection.
• Provide security awareness and education on industry trends, efforts, and statistics.
• Recommend resource types and skillsets required to address security project and process challenges.
• Support investment decisions through business cases and cost-benefit analysis.

Agile Delivery & Collaboration

• Facilitate Agile events to help teams deliver value incrementally and iteratively.
• Support Program Increment (PI) execution through team-level events and collaboration with Release Train Engineers (RTE).
• Support teams in achieving PI objectives.
• Provide consultation and advice to assess information security risks and implement controls to protect intellectual property and sensitive data.





Requirements
Sailpoint
Create a job alert for this search

Threat Modeler / Security Architect – AI Security, Cloud & DevSecOps • Toronto, ON, ca

Similar jobs

Senior Threat Risk Architect – InfoSec & Risk

Rubicon PathToronto, ON, CA
Full-time

A leading security consultancy in Toronto is seeking a Senior Security Specialist to assess threats and implement security measures.The ideal candidate will have expertise in security architecture ... Show more

 • Promoted

AI Security Architect & Growth Leader

HumanagencyToronto, Ontario, Canada
Full-time

A forward-thinking tech company is seeking a Chief Information Security Officer (CISO) to define and execute security strategies focusing on AI systems.This hands-on position requires deep experien... Show more

 • Promoted

Senior Security Engineer - Threat Modeling - C$150,025 - C$194,150 A Year - Remote

SamsaraToronto, Canada
Remote
Full-time

Senior Security Engineer to lead threat modeling, assess risks, and collaborate with engineering teams to improve software security and compliance within Samsara's environment. Show more

 • Promoted

AI Security Associate Architect

PowerToFlyToronto, ON, CA
Full-time

Are you excited by the opportunity to shape how AI-powered products are designed and secured at enterprise scale?.Join Thomson Reuters as an AI Security Associate Architect, where you will help def... Show more

 • Promoted

Senior Security Advisor, Threat Modeller

IntactToronto, ON, CA
Full-time

Our pension offerings provide flexibility and long-term security for our employees beyond their careers.We are one of the few companies offering the opportunity to receive guaranteed income for lif... Show more

 • Promoted

AWS Security Solutions Architect Role

Amazon Web Services (AWS)Toronto, ON, CA
Full-time

Elevate AWS's security profile as a Senior Solutions Architect focused on Security Services.Help enterprise clients secure their cloud environments while maximizing the use of AWS tools.This foundi... Show more

 • Promoted

Senior MS Security Architect

SoftchoiceToronto
Full-time

Toronto, ON, CA • GA, US • Ottawa, ON, CA • Dallas, TX, US • Oakville, ON, CA • British Columbia, CA • Nova Scotia, CA • FL, US • MI, US • Calgary, AB, CA • AB, CA.We are a software-focused IT solu... Show more

 • Promoted

Azure Cloud Security Architect – Zero-Trust Leader

WSP in CanadaToronto, Ontario, Canada
Full-time

A leading consulting firm in Canada is seeking a Cloud Security Architect to design and maintain Azure security architecture across regions.This role requires extensive experience in information se... Show more

 • Promoted

Expert Security Architecture

Global Talent Alliance, CanadaToronto, Ontario, Canada
Full-time

About the job Expert Security Architecture.The purpose of this role is to evaluate cloud solutions, configurations, and designs against security requirements, and define cybersecurity reference arc... Show more

 • Promoted

Senior Security Advisor, Threat Modeller

Intact Financial CorporationToronto, ON, CA
Full-time

Pay at Intact is about much more than just salary.Multiple benefits offered to support.Wellness account and much more.Share plan & other savings: up to.Employee Share Purchase Plan (ESPP) – with In... Show more

 • Promoted

Security Architect & Strategy Lead (SECOPS)

nugget.aiToronto, ON, CA
Full-time

A leading technology firm is seeking a Lead Security Analyst responsible for securing applications and infrastructure while shaping technology strategy across the organization.The role entails coll... Show more

 • Promoted

Senior AI Security & Risk Architect

TDToronto, ON, CA
Full-time

A leading financial institution in Toronto is searching for a Senior Information Security Specialist to provide technology risk advice and consultation to various business partners.This role involv... Show more

 • Promoted

Lead Cloud Security Architect - Celestica

CelesticaToronto, Ontario, Canada
Full-time

Join Celestica as a Lead Cloud Security Architect to enhance the security landscape of cloud environments and SaaS applications.Your expertise in cloud technologies will be pivotal for compliance a... Show more

 • Promoted

Strategic Presales Security Architect - Mid-Market

Fortinet, Inc.Toronto, ON, CA
Full-time

A leading cybersecurity company in Canada is seeking a Presales Security Expert for the Mid-Market.This role involves assisting in sales from a technical standpoint, providing training post-sales, ... Show more

 • Promoted

Security Architect

AGFA HealthCareToronto, ON, CA
Full-time

We are hiring an experienced security Architect who is responsible for designing and implementing security within our architecture.This role involves working closely with cross-functional teams (en... Show more

 • Promoted

Cyber Security Architect

Intuitive.aiToronto, ON, CA
Full-time

Talent Acquisition Leader | Hiring Cloud Professionals Globally.Cloud is one of the fastest-growing (INC 5000, CRN) Cloud & SDx solution and services companies supporting enterprise customers on a ... Show more

 • Promoted

Solution Architect- Cloud and Security

DelpathToronto, Ontario, Canada
Full-time

Location: Hybrid - Toronto and Scarborough (3–4 days onsite).Contract Duration: 6 months with high possibility of extension & conversion to FTE Hiring Manager: Information Security Senior Manager R... Show more

 • Promoted

Platform Security Lead: Architect & Threat Modeling

AquanowToronto, Ontario, Canada
Full-time

A leading technology firm in Canada is seeking a seasoned Platform Security Engineer to lead all aspects of platform security.The ideal candidate will enhance security practices, guide engineering ... Show more

 • Promoted

Cloud Security Architect (REQ #337)

WSP in CanadaToronto, Ontario, Canada
Full-time

What if you could redefine what's possible?.We are the home of ambitious, passionate, and innovative world shapers.With an unmatched breadth and depth of engineering, advisory and science-based exp... Show more

 • Promoted

Security Architect

5V VideoToronto, Canada
Full-time

Embedded Systems Architect – Media Distribution | Broadcast & Streaming TechnologyAbout the Role A well-established media distribution technology company is looking for a seniorEmbedded Systems... Show more