Senior Cloud Security Architect to lead the design, development, and implementation of secure on premise and cloud architectures in AWS, Azure, and M365.

Senior Cloud Security Architect to lead the design, development, and implementation of secure on premise and cloud architectures in AWS, Azure, and M365.

Initial 1-year Contract with possible extension and/or permanence, Hybrid in Ottawa or Calgary (2-3 days onsite). 7.5/hrs day.

We are seeking a highly skilled Senior Technical Infrastructure Analyst for our client's IT Cyber Security team. We are looking for someone with extensive experience in IT Security, specifically in securing cloud environments for sensitive and mission-critical systems. The ideal candidate will have hands-on experience with cloud platforms such as AWS, Azure, and M365, a deep understanding of NIST security frameworks (including NIST 800-171), experience implementing frameworks in both an Enterprise and Cloud environment, and familiarity with the Canadian Centre for Cyber Security cloud protection profiles. This position will involve designing, implementing, and managing robust security architectures to safeguard cloud infrastructure and applications in a complex, regulated environment.

Key Responsibilities:

• Security Architecture Design: Lead the design, development, and implementation of secure on premise and cloud architectures in AWS, Azure, and M365 that align with the organization’s security policies, regulatory requirements, and industry best practices.
• Risk Management and Compliance: Ensure security solutions comply with NIST security frameworks, including NIST 800-171, and work closely with compliance teams to assess and address risks. Develop and maintain security controls to meet the requirements of Canadian Centre for Cyber Security cloud protection profiles.
• Cloud Platform Security: Implement and manage security controls for cloud environments (AWS, Microsoft), including identity and access management (IAM), encryption, network security, monitoring, incident response, and vulnerability management.
• Cross-Functional Collaboration: Collaborate with internal stakeholders (security, engineering, DevOps, etc.) to ensure cloud security strategies align with business goals and mission objectives.
• Monitoring and Incident Response: Assist Security Operations for monitoring cloud environments for potential threats and vulnerabilities. Support incident response and investigation efforts related to cloud security breaches or compromises.
• Security Best Practices and Policies: Develop, review, and enforce cloud security policies, standards, and procedures, ensuring they reflect the latest industry practices and regulatory requirements.
• Security Audits and Assessments: Support regular security assessments, audits, and penetration tests to ensure continuous security improvements and compliance with relevant frameworks (NIST, CCCS, etc.).
• Training and Mentorship: Provide guidance and mentorship to junior team members and other departments on cloud security best practices and procedures.

Must-have skills:

• 5+ years of experience working in IT Security within the defense or government sector, with a focus on cloud security.
• Cloud Platforms Expertise: Proven experience in designing, implementing, and securing cloud solutions in AWS, Azure, and M365.
• Knowledge of Security Frameworks: In-depth knowledge of NIST security frameworks, including NIST 800-171, and experience with the Canadian Centre for Cyber Security cloud protection profiles.
• Security Certifications: Relevant certifications such as CISSP, CCSP, AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate, or similar are preferred.
• Risk Management: Experience in risk assessments and implementing security controls for cloud environments.
• Regulatory and Compliance Knowledge: Solid understanding of compliance requirements for federal, defense, and government sectors.
• Technical Proficiency: Strong understanding of network security, IAM, encryption, firewalls, and security automation in cloud platforms.
• Must be able to obtain and maintain Canadian Security Clearance and a positive Controlled Goods Assessment. Eligibility to work in Canada either as a Canadian Citizen or Permanent Resident.

Nice-to-have skills:

• Experience with cloud security automation tools and DevSecOps practices.
• Familiarity with threat intelligence platforms and security orchestration tools.
• Knowledge of additional security frameworks (ISO 27001, Centre for Internet Security (CIS), SOC2 etc.) and government compliance programs.