Talent.com
Senior Enterprise Security Architect
Senior Enterprise Security ArchitectISACA • Thorold, Niagara Region, CA
Senior Enterprise Security Architect

Senior Enterprise Security Architect

ISACA • Thorold, Niagara Region, CA
21 hours ago
Job type
  • Full-time
Job description

Job Summary

Reporting to the IT Security Manager, the Senior Enterprise Security Architect is responsible for leading the technical design, strategy, and overall insight related to the planning and implementation and validation of new or updated enterprise security environments and services. This role is responsible for leading the logistical development and integration of network and security policies and systems across the IT department, as well as ensuring strategic alignment of enterprise IT standards, practices, and policies. This position will also assess, design, develop, and implement various security, network, threat, vulnerability and incident response disciplines, shared services solutions, and will also be the primary subject matter expert for security related requests.

Important Notices

  • This position currently falls within our hybrid model, allowing the employee to typically work a minimum of 50% of your time at your regular work location and the other 50% of time at home.

Education

  • Bachelor’s degree in information technology, Computer Science or related discipline
  • Post-Secondary courses in any of the following : computer forensics and security, cloud architecture and security is preferred.
  • One or more cyber security certifications (CISSP, CISM, CEH, CCSP, CSSLP, OSCP,) is preferred
  • One or more architecture certifications (Azure Solutions Architect, Azure Cyber Security Architect, SABSA, TOGAF, CISSP-ISSAP) is preferred
  • Microsoft Azure Network Engineer, Azure Security Engineer Associate is considered an asset
  • PMP certification is considered an asset
  • An equivalent combination of education and experience may be considered.

    • Knowledge

  • 10 years’ experience in Information Systems and Technology in a medium-to-large-sized data center and network security and design environment focused on :
  • Microsoft products, such as Entra, Active Directory, Windows Operating Systems, , Office Productivity Suites, Security Product Suites,
  • Network appliances and technologies i.e. CISCO, Aruba,VPN, Load Balancing, NAC Security appliances and technologies i.e. NextGen Firewalls (NGFW), Web Application Firewall (WAF), , PAM, Vulnerability Management tools, Exposure Management solutions, and Web Application Scanning tools
  • Threat Management technologies i.e. Cortex XDR, Microsoft XDR, SIEM solutions (e.g. Azure Sentinel, Splunk), external threat monitoring tools, and SOAR / AI technologies
  • 5 years of experience in disaster recovery planning and incident response planning.
  • In-depth knowledge of data center environments and security related tools and technologies, security best practices and policies, and IT compliance and regulations.
  • 5 years of project leadership or management experience is preferred.
  • In-depth knowledge of Security Operation Centers (SOC).
  • Experience with PCI-DSS compliance.
  • Experience in monitoring the threat landscape, mapping potential applicable threats, and ethical hacking methodologies, including threat hunting methods
  • Experience with application security, and programming / scripting skills using Python, PowerShell, and other programming languages
  • Experience in vulnerability assessment of end points, switches, routers, gateways, servers, storage, storage area networks, firewalls, applications, web services, cloud services, etc.
  • Experience with Azure Cloud technologies, and cloud security products (CASB, SASE, SSE) including email security
  • Maintain currency of knowledge on current and emerging security trends, including but not limited to cloud-based services, IoT, etc.
  • Understanding of IT information, process, system, technology architectures and models
  • Good oral, written, interpersonal and organizational skills
  • Strong analytical, reasoning and problem-solving skills

    • Responsibilities

    IT Security Strategy and Design (25% of time)

  • Designs, implements, and provides on-going support of enterprise-wide infrastructure architecture(s) and data / security systems integrations.
  • Provides security related planning and technical direction and consultation for data center and disaster recovery sites, including : wide area network, server infrastructure, storage, backup, disaster recovery .
  • Evaluate, identify, document, and assess process functions, security weaknesses, vulnerabilities and controls.
  • Coordinates and leads the development of business case proposals for IT Security initiatives in conjunction with input by other IT peers and departments.
  • Provides key concepts and expertise towards the development of long-term security strategies to ensure the confidentiality, integrity, and availability of the overall enterprise IT infrastructure .
  • Acts as technical lead and participates in committees and work groups across areas and departments to address specific projects and issues.
  • Provides IT Security architectural expertise, advice, direction, and assistance to the IT team.

    • Disaster Recovery, Business Continuity and Incident Response – Design and Problem Solving (20% of time)

  • Ensures the availability of all critical corporate infrastructure technologies and highly sensitive data such as Financial Systems, Microsoft Messaging, mobile device management services and all externally public facing systems hosted at and for the Region.
  • Collaborates in the architectural design and implementation of complex enterprise disaster recovery plans in accordance with established recovery time objectives and recovery point objectives.
  • Identifies vulnerable areas within the Region’s critical infrastructure functionalities and provide / execute on those recommendations.
  • Recommends and implements disaster avoidance and business impact reduction strategies.
  • Directs and coordinates staff and other departmental key staff for testing of disaster recovery and incident response playbook strategies.
  • Develops and leads the implementation of an incident reporting system as it relates to the network and system security infrastructure.

    • Security Network and Administration – Design and Strategy (10% of time)

  • Champions network design and administration tasks for the primary and secondary disaster recover sites, and develops the guiding principles and framework which establishes network and integration standards, continuous improvement methods, and security models
  • Designs network solutions for the Niagara Region or external invested parties, ensuring the integrity, security, and safeguarding of data is completed by applying a complex set of disciplines in the process. Incorporates and uses the base foundation of the CIA (availability, integrity, and confidentiality) model to mitigate data leakage risks, or exposure of Niagara Region’s network and server systems internally or externally
  • Designs and implementation of security tools with data, performance and availability in mind to minimize traffic bottlenecks, and to ensure appropriate sizing .
  • Leads the research on emerging products, services, protocols, and standards in support of contingency planning and development efforts and recommends technologies that will increase cost effectiveness, systems flexibility, integrate seamlessly into the enterprise environment.

    • Security and Administration – Design, Implementation and Operation (30% of time)

  • Defines security frameworks for existing and new systems which include developing, implementing, maintaining policies, standards, guidelines, and procedures.
  • Establishes, and implements a breach management policy and response plan. Deals with issues that are abstract in nature, and not easily identifiable.Able to disseminate changing data on the fly, in order to thwart any given attack method utilized.Identifies and assembles ad-hoc mitigation plans when required.
  • Designs and defines methods to ensure encryption standards are formulated and standardized in order to safeguard data integrity and confidentiality.
  • Monitors security logs from technical security controls for intrusion detection.
  • Determines and implement log aggregation and analysis strategies for distributed system and network security devices.
  • Actively recommend changes to establish methods and procedures, suggests alternative solutions and new methods to improve quality and increase productivity.
  • Works with IT team to design, co-ordinate, and direct activities to implement and maintain a network security infrastructure including wired and wireless systems and handheld mobiles, against internal and external intrusion threats.
  • Implements security services (firewalling, EDR – endpoint detection / response), identities and accesses management products (PAM), anti-virus, anti-spam, trusted time sources, content management, file integrity tools, audit and IDS products, and encryption tools.
  • Performs Cyber Threat and Vulnerability management tasks in accordance with established programs and directed by the IT Security Manager
  • Conducts regular review of Indicators of Attack (IoAs) and Indicators of Compromise (IoCs) derived from all available sources (e.g., SIEM, NGFW, Logs from Systems and Security Tools) to assess the real and material threats and vulnerabilities
  • Performs ethical hacking activities at the direction of management, as well as perform programming, and related scripting duties
  • Tunes the SIEM, and all security related tools to recognize real and actionable threats from security information and events collected
  • Creates playbooks to automate the response for actionable threats and link them to risk objects
  • Optimizes the collection, processing, and analysing parameters to improve the efficiency of the SIEM, XDR, and security technologies
  • Creates and evolve new / existing rules in security tools to accommodate new and evolving threats
  • Performs proactive threat hunting in a systemic and iterative manner throughout the environment to detect and isolate threats
  • Performs threat-based risk assessments on systems and services and effectiveness of controls
  • Assesses discovered / identified threats, obtained through subscribed feeds and recommend appropriate actions to reduce exposure and ensuring risks remains within the tolerance levels
  • Reviews, develop and report on appropriate metrics for the Threat / Vulnerability Management solutions, performance, exception and compliance and ensure continuous improvements of such metrics
  • Develops and document guidelines, processes and procedures for review and approval and implement approved procedures to secure IT environment
  • Liaises between departments to develop and implement approved security standards and guidelines
  • Maintains broad awareness of threat and vulnerability trends including changes to legislations and regulatory frameworks
  • Raises awareness of good security practices to all levels of the organization and perform security awareness and learning duties as directed
  • Advises on security practices for all IT projects as required

    • Policy and Guiding Principles Development (15% of time)

  • Develops policies (i.e. Incident Response, Data Encryption policies), including the research, analysis, consultation and synthesis of information to produce the recommendations.
  • Enforces data center security guidelines, processes, policies and change controls to promote the stability, efficiency, and effectiveness of regional infrastructure.
  • Informs and mentors other staff members on their responsibilities concerning IT business policies and procedures, and accompanying emergency response documentation.
  • Ensures effective corporate and regional policies and standards are followed, in co-ordination with current network internal / external controls.
  • Contributes to the creation and sustainment of technology frameworks (e.g. regional / corporate architectures, methodologies, tools, techniques and standards).
  • Assist and provide input into policies and processes around data security and business continuity, with a focus on best practices and techniques.

    • Perform other related duties and responsibilities as assigned or required.

    Special Requirements

  • In accordance with the Corporate Criminal Record Check Policy, the position requires the incumbent to undergo a Criminal Records Check and submit a Canadian Police Clearance Certificate.
  • Must maintain ability to travel in a timely manner to other offices, work locations or sites as authorized by the Corporation for business reasons.
  • May be required to support emergency operations under the incident management structure, at the direction of the Emergency Operations Centre Director
  • Regional staff strive to enable the strategic priorities of council and the organization through the completion of their work. Staff carry out their work by demonstrating the corporate values.

    • #J-18808-Ljbffr

    Create a job alert for this search

    Enterprise Architect • Thorold, Niagara Region, CA

    Similar jobs
    Forensic Engineer SME

    Forensic Engineer SME

    Mitigateway • st catharines, on, ca
    Full-time
    We believe that by embedding expert forensic reasoning into scalable AI, we can transform the way risk is understood and adjudicated in property insurance losses. We build enterprise-grade generativ...Show more
    Last updated: 30+ days ago • Promoted
    Technology Enterprise Architect

    Technology Enterprise Architect

    KPMG Canada • St. Catharines
    Full-time
    Be among the first 25 applicants.Get AI-powered advice on this job and more exclusive features.At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause turn...Show more
    Last updated: 15 days ago • Promoted
    Forensic Engineer SME - Mitigateway

    Forensic Engineer SME - Mitigateway

    Mitigateway • st catharines, on, ca
    Full-time
    We believe that by embedding expert forensic reasoning into scalable AI, we can transform the way risk is understood and adjudicated in property insurance losses. We build enterprise-grade generativ...Show more
    Last updated: 30+ days ago • Promoted
    Oracle Cloud Senior Technical Lead

    Oracle Cloud Senior Technical Lead

    ArcLight Consulting • st catharines, on, ca
    Full-time
    ArcLight Consulting, an Addison Group Company, is dedicated to ensuring that Cloud Solutions clients are successful with their investment. For over 15 years, ArcLight experts have provided guidance ...Show more
    Last updated: 30+ days ago • Promoted
    Forensic Engineer SME - st catharines

    Forensic Engineer SME - st catharines

    Mitigateway • st catharines, on, ca
    Full-time
    We believe that by embedding expert forensic reasoning into scalable AI, we can transform the way risk is understood and adjudicated in property insurance losses. We build enterprise-grade generativ...Show more
    Last updated: 30+ days ago • Promoted
    Collision Center Manager

    Collision Center Manager

    CSN Collision • Saint Catharines, ON, Canada
    Full-time
    CSN Collision safely repairs more than 200,000 vehicles a year helping Canadians get back on the road with the trust and comfort of knowing their vehicle has been returned to like new condition.Sin...Show more
    Last updated: 30+ days ago • Promoted
    Chief Information Officer

    Chief Information Officer

    Avanti Software Inc. • Welland, Niagara Region, Canada
    Full-time
    At the City of Welland, we're continuously rewriting our story.Not because we don't know where we're going, but because we are constantly reaching for new heights, engaging in new approaches, and p...Show more
    Last updated: 8 days ago • Promoted
    Senior Commercial Analyst

    Senior Commercial Analyst

    PenFinancial Credit Union • Welland, ON, Canada
    Full-time
    Be a part of something different.We may offer the same products and services as a big bank, but we couldn’t be more different. We’re rooted in purpose and we’re on a mission t...Show more
    Last updated: 30+ days ago • Promoted
    Oracle Cloud Senior Technical Lead - st catharines

    Oracle Cloud Senior Technical Lead - st catharines

    ArcLight Consulting • st catharines, on, ca
    Full-time
    ArcLight Consulting, an Addison Group Company, is dedicated to ensuring that Cloud Solutions clients are successful with their investment. For over 15 years, ArcLight experts have provided guidance ...Show more
    Last updated: 30+ days ago • Promoted
    Guidewire Engineer

    Guidewire Engineer

    BuzzClan • st catharines, on, ca
    Full-time
    Guidewire PolicyCenter Configuration – Senior.Year Contract (Extension Possible).Guidewire PolicyCenter Configuration Developer. GOSU, Java, and web development.The ideal candidate will be hands-on ...Show more
    Last updated: 30+ days ago • Promoted
    Senior Manager, Information Security

    Senior Manager, Information Security

    Meridian Credit Union • St. Catharines
    Full-time
    Senior Manager, Information Security at Meridian Credit Union.Join to apply for this senior role.The position is currently accepting applications and we encourage early submission.At Meridian we in...Show more
    Last updated: 6 days ago • Promoted
    Stormwater Management Engineer

    Stormwater Management Engineer

    UCC • Saint Catharines, ON, Canada
    Full-time +1
    Salary : $45,000 - $60,000 for junior, up to $120,000 for intermediate • Work on a variety of local projects with an end result you can see • Opportunities to deepen your kno...Show more
    Last updated: 30+ days ago • Promoted
    Senior Information Security Leader – Hybrid & CSIRT

    Senior Information Security Leader – Hybrid & CSIRT

    Meridian Credit Union • St. Catharines
    Full-time
    A leading Canadian credit union is seeking a highly experienced Senior Manager of Information Security to lead their cybersecurity team. This pivotal role involves developing and mentoring team memb...Show more
    Last updated: 6 days ago • Promoted
    Chief Information Officer — Digital Strategy & Services

    Chief Information Officer — Digital Strategy & Services

    Avanti Software Inc. • Welland, Niagara Region, Canada
    Full-time
    A municipal government organization in the Niagara Region is seeking a Chief Information Officer to lead its IT operations and strategic initiatives. This role includes overseeing the execution of t...Show more
    Last updated: 8 days ago • Promoted
    Manager

    Manager

    Tim Hortons • Saint Catharines, ON, Canada
    Full-time
    Join our growing team! We are looking for a Restaurant Manager!.As a Restaurant Manager, you are an enthusiastic role model and motivate team members to deliver exceptional service for every guest,...Show more
    Last updated: 30+ days ago • Promoted
    Guidewire Engineer - BuzzClan

    Guidewire Engineer - BuzzClan

    BuzzClan • st catharines, on, ca
    Full-time
    Guidewire PolicyCenter Configuration – Senior.Year Contract (Extension Possible).Guidewire PolicyCenter Configuration Developer. GOSU, Java, and web development.The ideal candidate will be hands-on ...Show more
    Last updated: 30+ days ago • Promoted
    Successfactors ESM Specialist - Accion Labs

    Successfactors ESM Specialist - Accion Labs

    Accion Labs • st catharines, on, ca
    Full-time
    Proficiency in IT Service Management principles, knowledge of AI-powered workflows, and the ability to manage a centralized knowledge base. SAP SuccessFactors Enterprise Service Management SAP C4C c...Show more
    Last updated: 3 days ago • Promoted
    Oracle Cloud Senior Technical Lead - ArcLight Consulting

    Oracle Cloud Senior Technical Lead - ArcLight Consulting

    ArcLight Consulting • st catharines, on, ca
    Full-time
    ArcLight Consulting, an Addison Group Company, is dedicated to ensuring that Cloud Solutions clients are successful with their investment. For over 15 years, ArcLight experts have provided guidance ...Show more
    Last updated: 30+ days ago • Promoted