Search jobs > Toronto, ON > Principal architect

Principal Cybersecurity Architect

Questrade Financial Group
5700 Yonge St, North York, ON M2M 4K2, Canada
$83.1K-$114.3K a year (estimated)
Full-time

Principal Cybersecurity Architect

5700 Yonge St, North York, ON M2M 4K2, Canada Req #2758 Thursday, July 4, 2024 Questrade Financial Group (QFG) of Companies is committed to helping our customers become much more financially successful and secure.

We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence.

You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.

This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, there are flexible working arrangements so you can unleash your creativity and curiosity with no limits.

If you share the same sense of infinite possibility, come shape your future at Questrade.

What’s in it for you as an employee of QFG?

  • Health & wellbeing resources and programs
  • Paid vacation, personal, and sick days for work-life balance
  • Competitive compensation and benefits packages
  • Hybrid and flexible work arrangements
  • Career growth and development opportunities
  • Opportunities to contribute to community causes
  • Work with diverse team members in an inclusive and collaborative environment

What’s it like working as a Principal Cybersecurity Architect at Questrade?

As a Principal Cybersecurity Architect, you will work in the CISO organization and report to the Manager of Cybersecurity Engineering.

You will use your subject matter expertise to continuously enhance the organizational cybersecurity posture and architect security solutions that will minimize cybersecurity risk to our systems, information and customers in the highly regulated financial services industry.

You will support engineering velocity in alignment with business priorities, enterprise risk appetite, information security policy and standards, cybersecurity strategy and target architecture.

Your expertise will drive enhancements to the application security program and the enterprise S-SDLC.

Need more details? Keep reading

  • Design and formally document, using QFG-defined methodology, the security architecture of our line of businesses (journeys), products, and solutions
  • Drive the design and implementation of new solutions that will enhance our security controls and support our existing and future financial service offerings and platforms
  • Identify gaps, architect solutions and develop business cases with clear justifications and cost / benefit analyses for cybersecurity initiatives and annual budget planning
  • Successfully communicate security risks, challenges and opportunities to leadership and internal stakeholders within engineering departments
  • Utilize your strong interpersonal and consulting skills and work collaboratively with technology peers within the CISO and CIO organizations, including enterprise architecture, cloud engineering and infrastructure areas, to enhance our application security posture and offer security guidance and advisory services.
  • Participate in threat risk assessments and IT change management initiatives to assess change-driven application security risks that are out of compliance with Information Security policy, cybersecurity standards or best practices and provide mitigation guidance
  • Participate in the due diligence process to assess the application security posture of M&A targets, quantify the risk, suggest remediations and produce detailed reports
  • Produce extensive high-quality documentation, architecture diagrams, and presentations and support the development of cybersecurity documentation, policies, standards, and procedures
  • Utilize your knowledge in application security frameworks, guidelines and best practices such as NIST CSF & SSDF, OWASP SAMM, BSIMM and similars to identify gaps and drive S-SDLC improvements with the organization

So are YOU our next Principal Cybersecurity Architect ? You are if you

  • 10+ years of combined cybersecurity experience on domains related to application security and security architecture
  • Prior experience as enterprise / solutions architect, devops engineer or software engineering role
  • Extensive knowledge of the S-SDLC, it’s underlying processes and demonstrable experience in all of the stages therein
  • Extensive knowledge of application security concepts and practices, including threat modeling, designing and implementing secure application architectures, designing and implementing secure build and secure deploy infrastructure and processes
  • Extensive knowledge of cloud computing concepts and solutions, including public, private, and hybrid cloud
  • Proven experience architecting solutions for the cloud, with bonus points for Google Cloud experience
  • Strong experience with microservices architectures, IaC, containers and Kubernetes environments
  • Deep knowledge of defense-in-depth and zero-trust concepts in a cloud-native environment, e.g. applying authorization policies at gateways, sidecars and application layers, and trusted sub-zones
  • Experience with performing security reviews and Threat Risk Assessments
  • Possess relevant security, application security and security architecture certifications
  • University / Community College Business Administration, Information Technology or Engineering degree / diploma (or equivalent) or equivalent work experience
  • Excellent English communication skills (written and oral)
  • Strong interpersonal skills with prior advisory or consulting background
  • Self-driven with strong project management and coordination skills

Sounds like you? Click below to apply! #LI-CP1

At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment.

This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued.

You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in.

Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence not only for the benefit of our customers, but for those who build their career with us.

Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment / selection process, please let us know and we will work with you to meet your needs.

Other details

  • Pay Type Salary
  • 5700 Yonge St, North York, ON M2M 4K2, Canada

Share this job :

30+ days ago
Related jobs
Questrade Financial Group
Toronto, Ontario

As a Principal Cybersecurity Architect, you will work in the CISO organization and report to the Manager of Cybersecurity Engineering. Principal Cybersecurity Architect. What’s it like working as a Principal Cybersecurity Architect. You will use your subject matter expertise to continuously enhance ...

Scotiabank
Toronto, Ontario

You can synthesize findings and present clear recommendations and implementation plans to ensure impactful project outcomes to senior leaders within the Bank. You are adept at fostering & maintaining collaborative relationships with key internal and external stakeholders including senior leaders wit...

Amazon Web Services Canada, Inc. - D46
Toronto, Ontario

As part of the GTM Specialist Solutions Architecture team, you will work closely with other Specialist Machine Learning Architects from various geographies to enable large-scale customer use cases and drive the adoption of Amazon Web Services for Data and AI/ML platforms. Are you a customer-obsessed...

FCT
Oakville, Ontario

Assists experienced team members with Information Security activities, as assigned including security monitoring procedures. Exposure to or familiarity with computer networking and telecommunications, application design and development, information security (e. Document and perform processes related...

Guidepoint
Toronto, Ontario

As a Linux/DevOps Engineer you will be an instrumental part of the engineering team and will be the key person keeping all systems operational. Our engineering team plays a vital role in building the powerful technology that allows us to deliver knowledge to our clients faster and more efficiently. ...

Randstad Canada
Toronto, Ontario

My client is looking for an Information security analyst to work with IT team to implement corrective measures, maintain security documentation and assist in remdiation process. This role is an intermediate security operations role and it offers an opportunity to work with business and technical tea...

Cynet Systems
Toronto, Ontario

Design, build and support within the cloud environment.Monitor and assess the performance of applications in a cloud environment to ensure solutions are available.Create, develop enhancements, test and implement safeguards to maintain data integrity and protect against unauthorized access.Can assist...

Healthcare of Ontario Pension Plan
Toronto, Ontario

The IT Investment Solutions Group at HOOPP (Healthcare of Ontario Pension Plan) seeks a skilled Senior DevOps Engineer for our IT for Investments Infrastructure team. Relevant certifications AWS SysOps Administrator, AWS Advanced Networking, AWS Solutions Architect, AWS DevOps Engineer, Snowflake Sn...

New Relic, Inc.
Toronto, Ontario
Remote

Principal Software Engineer - Platform Security/Compliance Architect - (Remote). Principal Software Engineer - Platform Security/Compliance Architect - (Remote). You will collaborate with cross-functional teams, including engineering, security, legal and compliance to ensure our software complies wi...

BGIS
Markham, Ontario

Proficient in monitoring various security administrative consoles as well as IT related administrative consoles to determine root causes for security events (Security Incident and Event Management, Endpoint Protection, Cloud Access Security Broker, Email Security). This position will maintain and im...