GA
Information Security Officer specializing in application and product security for the Government of Alberta. Safeguarding digital services through collaboration and compliance with cybersecurity policies.
About the role
- Enterprise Security Architect leading cybersecurity initiatives and secure solutions design at Vancity. Collaborating with teams to influence enterprise architecture and protect digital assets.
Responsibilities
- Design and establish enterprise application security architecture frameworks, patterns and reference models aligned with business objectives and risk tolerance
- Lead architecture reviews of applications and systems to identify security gaps and recommend appropriate controls
- Architect security solutions for authentication, authorization, encryption, and secure communication channels
- Develop and maintain security baselines, standards, and patterns for different technology stacks (web, mobile, API, microservices) and deployment models
- Integrate security architecture principles into CI/CD pipelines to support DevSecOps initiatives
- Contribute to the development of enterprise security documentation such as policies, standards, baselines, guidelines, and procedures.
- Provide mentorship and direction to junior security architects
- Manage and participate in the Application Security Champions program
- Collaborate with project leads to define requirements, design controls, and implement scalable security services aligned with Vancity’s cybersecurity vision.
- Partner with business units and enterprise architecture teams to deliver risk-based security guidance and support an integrated security service portfolio.
- Assess security risks across programs, projects, and operational processes, and recommend architecture remediation strategies.
- Stay current on cyber threats and emerging technologies to inform investigation techniques and enhance incident response capabilities.
Requirements
- Bachelor’s degree in STEM, Computer Science, Engineering, or highly related field.
- 12+ years of experience in IT and/or Information Security
- 5+ years Secure Application Architecture experience developing and maintaining security baselines, standards, and patterns for different technology stacks (web, mobile, API, microservices) and deployment models
- 8+ years hands-on Secure Software development & DevSecOps experience within a formalized SSDLC.
- Extensive knowledge and experience of secure coding practices and working with SAST, DAST, SCA, IAST tools.
- Experience in designing secure architectures e.g. networking, Cloud, IDP, API, tokenization, Identity management (OAuth2, OIDC, SAML), Zero trust Architectures etc.
- Strong understanding of security controls across all layers of the OSI model.
- Extensive Threat modelling experience.
- Penetration testing experience backed up with relevant certifications e.g. OSCP, GPEN etc.
- Experience designing secure systems and integrations with enterprise applications.
- Awareness of Canadian regulatory environments (e.g., OSFI, PIPEDA) and their impact on security programs.
- Experience securing public cloud offerings (Azure is preferred) with relevant Cloud/Security certifications.
- Information Security Certifications in one or more of the following is required: CISSP, CCSP, GISP, GSE, Information Technology Certifications in one or more of the following will be an asset: TOGAF, SABSA, CSSLP, GIAC GWEB/GCSA/GWAPT/GDSA/GCSA, Azure Architecture/Security certs.
- Experience with or knowledge of PCI DSS 4.2, ISO 27001, NIST CSF and NIST 800-53 control frameworks is highly desired.
- Strong stakeholder engagement and communication skills across technical and non-technical audiences.
Benefits
- Living Wage Employer : We’re the largest private-sector Living Wage Employer in Canada and consistently ranked among Canada’s Top Employers.
- Customizable Benefits : Permanent employees receive flexible benefit packages that can be tailored annually to meet evolving needs.
- Generous Vacation : New employees start with 3-4 weeks of vacation per year, with additional days earned over time.
- Extra Stat Holidays : In addition to BC’s 11 statutory holidays, we offer 2 extra days, plus care days for personal or family illness.
- Immediate Health Coverage : Health and dental benefits begin on your hire date, with three levels of coverage to choose from.
- Defined Benefit Pension : Our retirement plan provides a guaranteed income for life, recognizing that retirement looks different for everyone.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Security Engineer focusing on Application Security and Vulnerability Management for cybersecurity firm. Collaborating with teams on security operations, incident response, and compliance initiatives.
Security Analyst I supporting security operations and security engineering initiatives at Varicent. Collaborating across teams to strengthen security posture through operational excellence and risk - based decision - making.
LP
Sr PM – Cybersecurity
LinkedIn Recruiter Post
Sr PM - Cybersecurity 12mo contract in Toronto. Must have 10+ years PM experience, cyber security background, and Canadian banking experience.
LP
Information Technology Security Engineer
LinkedIn Recruiter Post
IT Security Engineer for hybrid contract in Ottawa, ON. Requires experience with Gov Canada security assessment and CI/CD security scanning.
Expert in application cybersecurity analyzing web components and supporting secure development practices within a dynamic team. Collaborate on cloud application security based in Quebec, Canada.
Conseiller en gouvernance de la sécurité de l'information senior intervenant dans un projet client. Travail à Québec dans la ville du secteur public.
LP
Transmit Security Flexid (CIAM)
LinkedIn Recruiter Post
Hiring for Transmit Security Flexid (CIAM) in Brampton, ON. Design and implement secure CIAM solutions using FlexID & Mosaic platform.
LP
Architects & Security Specialists
LinkedIn Recruiter Post
Seeking senior - level Architects & Security Specialists for remote contract roles across Canada. Focus on enterprise architecture, cloud design, security, and integration.
Penetration Testing Consultant at BMO conducting extensive manual security assessments for critical financial applications. Collaborating with stakeholders to enhance security strategies and practices.