$100K — $150K *
As a Security Architect, you will primarily be supporting project and operational teams in their efforts to implement security controls and measures. You will be involved in planning, design, implementation and operational transition of technologies and solutions that introduce new and extended security capabilities across the organization. This role reports to the Manager, Security Architecture.
As a Security Architect, you will
• Use your extensive technical knowledge to play an integral role in the design and implementation of technologies aligning with Enterprise Security frameworks and standards.
• Lead threat modeling, design reviews and code reviews as part of solution development lifecycle.
• Develop roadmaps, blueprints, standards, and strategic architecture to ensure security solutions meet current and future needs/ requirements of the business.
• Lead technical documentation of security artifacts and guidance
• Lead the optimization and enforcement of security gates and guardrails within DevOps CI/CD pipeline to produce secure codes and products.
• Build and maintain relationships with people at various levels to communicate security values to both technical and non-technical stakeholders.
• Perform security risk assessments to ensure our adoption, usage, and disposal of digital technology meets our required security risk posture and compliance obligations.
Your team and most of the operational and project teams are within the Shaw Barlow campus or in Calgary NE.
• Over 7 years of cyber security experience, including over 3 years in an application security architecture/engineering role
• Certifications in one or more of the following are required: CISSP, OSCP, CEH, CCSP, GWEB.
• Familiarity with one or more of the following security architecture standards is an asset: SABSA, TOGAF, NIST, ISO 27002
• Experience performing threat modelling of solution designs is required.
• Familiarity with common security libraries, security controls, and common security flaws.
• Experience with OWASP, static/dynamic analysis, and common security tools.
• Experience implementing and operating SAST, DAST and fuzz testing tools
• In-depth understanding of internet protocols, network architectures, and security technologies (e.g., TLS, PKI, IPsec, SAML, OAUTH, OpenID, etc.)
• Experience with container technologies (Docker or Kubernetes)
• Experience building and maintaining Security documentation packages.
• Deep understanding of cloud technologies and cloud security models with hands-on experience on AWS, Azure or major cloud provider.
• Diverse understanding of security architecture and design best practices, processes, and concepts
• Experience presenting Security technical and compliance material to both technical and non-technical audience.
• Ability to perform effectively under tight deadlines with multiple priorities in a fast-paced environment
Valid through: 7/8/2021