Senior Security Architect to conduct cyber risk assessments on new and existing technical solutions to identify security risks and control gaps for a crown

Our valued crown corporation client is seeking a Senior Security Architect to conduct cyber risk assessments on new and existing technical solutions to identify security risks and control gaps!

Initial 1.5-year contract opportunity, with strong possibility of extension to a total term of 3 years (100% Remote). 7.5 hours per day, Monday to Friday in EST timezone

Responsibilities:

• Develop security solution architecture/design based on business, operational, technical and security requirement, while aligning with the organization's Enterprise Architecture principles and Cyber Security standards
• Assess the technology solutions for compliance to the Organizational Cyber Security directives and standards, following the Enterprise Cyber Risk & Assessment Framework
• Work with solution and project teams to mitigate and track cyber risks
• Apply a threat modeling approach to cyber security risk measurement and reporting
• Research and monitor technology developments and industry trends; assessing their applicability, functionality and reliability for the organization and recommend technologies that will enhance productivity and the achievement of the internal clients' business objectives
• Contribute to the development of the overall Cyber Security Solution Architecture processes, tools, standards, and templates

Must-Have Skills:

• 10+ years of recent demonstrated work experience in the IT field
• 5+ years of demonstrated experience in developing Cyber Security Architecture
• 5+ years of demonstrated experience working in a cyber assessment program
• Demonstrated experience with risk management and security control methodologies and frameworks (e.g., NIST 800-53, NIST CSF, ISO 27001, SOC 2)
• Professional certifications such as CISSP, CISA, or CISM

Nice-to-have Skills:

• Demonstrated understanding of various Cyber based concepts such as Zero Trust Architecture and Data Loss Prevention
• Demonstrated experience supporting the implementation of new monitoring, vulnerability management, & EDR tooling e.g. Splunk
• Demonstrated knowledge of Cloud Architecture and Operations (Azure)
• Demonstrated knowledge of application security (SDLC)
• Demonstrated ability to work with an enterprise architecture framework and group
• Demonstrated knowledge of principles and best practices in software architecture and architectural/design patterns and frameworks