Onico Solutions

Exceptional IT Staffing

Cloud Security Architect

The Cloud Security Architect develops actionable information security blueprints, principles, designs, standards and guidelines to ensure that our client’s information technology architectures, both on premise and in the Cloud, are consistent, usable, and secure. They establish security controls, and implement enterprise security strategies, architectures and solutions to manage information security risks.

This role is expected to have a thorough understanding of complex IT systems, including customer focused technologies across multiple technology platforms, and to stay up to date with the latest IT security standards, products and best practices. They also require to have a working knowledge of security frameworks like ISO 27001 and NIST, and enterprise security architecture frameworks like TOGAF, and SABSA.

The Cloud Security Architect is expected to have exceptional communication skills with diverse audiences, the ability to lead technical project teams, the ability to identify risks associated with business and technology processes, and the ability to explain technical topics to those without a technical background.

Responsibilities

  • Provide IT security consultation and engineering to support the development and design of security best practices and implementation of proven security principles across the organization, to meet business goals along with customer and regulatory requirements.
  • Establish security architecture standards, and ensure those standards and best practices are maintained across the organization’s IT systems; align standards, frameworks and security with overall business and technology strategy
  • Identify security design gaps in new and existing systems, propose architectures and recommend changes or enhancements
  • Document and develop in-depth knowledge of company’s existing information security infrastructure and cloud architectures.
  • Establish and implement security standards that guide the design of technology solutions.
  • Design, develop, and oversee implementation of end-to-end information security controls in integrated systems spanning across on premise and/or cloud architectures.
  • Develop and execute security test plans to validate the effectiveness of security controls across the company’s systems and networks. Report on findings and make recommendations for improvement.
  • Design security architecture elements to mitigate threats
  • Work with leadership to recommend and implementation plans to enforce security requirements and address identified risks.
  • Maintain an up-to-date understanding of emerging trends in information security risks and threat vectors; apply new techniques and trends, in-line with overall information security objectives and risk tolerance of the organization.
  • Research, architecture, and implementation of security controls across multiple on/off premise networks to protect the organization’s assets against compromise of its confidentiality, integrity and availability.
  • IT security architectural consulting expertise, direction, and assistance to IT security subject matter experts.
  • Identification of IT security risks associated with business processes, operations, information security programs and technology projects; and recommendation to mitigate findings.
  • Research, architecture, and implementation of security controls across multiple on/off premise networks to protect the organization’s assets against compromise of its confidentiality, integrity and availability.
  • Information security architectural consulting expertise, direction, and assistance to IT security subject matter experts.
  • Identification of IT security risks associated with business processes, operations, information security programs and technology projects; and recommendation to mitigate findings.
  • Other responsibilities as assigned by the Director of Information Security

Requirements

  • Excellent communicator, both written and verbal
  • Exceptional communication with diverse audiences
  • Proven ability to present ideas in business-friendly and user-friendly language
  • Strong leader with good project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments
  • Able to analyze a large, complex, interlinked environment of data, communications and information systems, where the technology is changing as well as the types of threats and vulnerabilities
  • Excellent problem-solver with a deep understanding of computer security and applicable laws and regulations
  • Strong critical thinker with strong analytical skills
  • Understand business goals and operations and align risk mitigation recommendations with overall strategy and budget
  • Confident to follow-up and champion critical findings, follow through and deliver timely results
  • Able to work independently, set goals, prioritize and execute tasks in a high-pressure environment
  • Team-oriented, skilled in working within a collaborative environment, and strong interpersonal skills
  • Highly self-motivated; able to work with minimal supervision

Qualifications

  • Post-secondary education in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
  • Minimum 8 years of progressive responsibilities in providing information security consultation services for complex technology projects, including customer focused technologies across multiple platforms.
  • At least 5 years of experience as an IT security architect including designing security controls for cloud-based technologies
  • Strong working knowledge of information security controls for Mobile, IoT, Cloud, Applications, Network and System infrastructure
  • Hands-on experience of security products which protect systems, such as Intrusion Prevention, Layer 7 Firewalls, Security Event Management Systems, port scanning and vulnerability identification, Endpoint Detection and Response, DLP, etc;
  • Working knowledge of ISO 27001, NIST, TOGAF and/or SABSA
  • Understanding of legal and regulatory compliance standards and requirements
  • CISSP, ISSAP, ISSEP and other security certifications are a strong asset.
  • Proven analytical and problem-solving abilities
  • Proven ability to conduct research into Information Security controls and security products as required

This is a permanent position located in downtown Toronto with an annual salary of $100,000.00 – $125,000.00 plus bonus.