Cyber Training Canada

Our client, based in Toronto Canada, is seeking an experience Architect.

Position Summary:

Reporting to the VP, Information Security & Compliance and collaborating closely with their peers, the Principal Security Architect is responsible for security technology roadmap, strategy and execution supporting the enterprise information security program and related compliance and governance structures, 

Key Accountabilities:

• Lead s information security architecture function within the Information Security & Compliance organization.
• Develops and implements information security technology roadmap and capabilities with alignment to recognized security and technology governance frameworks such as CIS, ISO, COBIT and NIST in alignment with business priorities.
• Develop information security requirements into multi-year, complex programs / projects to support their embedding at the onset of any project and to protect complex technology ecosystems from increasingly sophisticated threats.
• Develop and maintain technology, capability and service roadmaps covering all information security domains supporting a defense-in-depth strategy including network security, identity and access management, cloud security, data security, application security, and endpoint security.
• Define information security models, principles, and patterns to guide and support IT solution decisions for the enterprise.
• Develops and designs technology ecosystem and/or integration roadmaps and architectures to best leverage information security investments.
• Develops, designs, and leverages threat risk models for all project and capability implementations
• Identify the gaps between the future-state and current-state cyber security architecture and develop plans for moving toward the future state.
• Collaborates with the senior leadership to provide leadership, operational expertise and strategic direction to the organization and all operational teams.
• Collaborate to define, implement, and administer company standards, and support their consistency with other relevant regulations, policies, and guidelines.
• Monitor the vulnerability and threat landscape, keeping senior leadership apprised of any relevant developments impacting the company’s business goals and objectives, and recommending appropriate courses of action as needed.
• Monitor and track regulatory and industry developments and trends in information security
• Monitor and track vendor/partner/MSSP ecosystem and identify opportunities to PoC emerging solutions to reduce information security risk and/or increase capabilities.
• Contributes to the strengthening of relationships with provincial gaming regulators and gaming corporations supporting alignment on information security matters.
• Reviews information security capabilities, processes, & procedures to protect against and respond to security breaches, major incidents, and non-compliance with regulatory requirements.
• Provides reports to executive management and other stakeholders on IT and security matters, issues, deficiencies, and remediation.
• Contributes to the Compliance and IT departments’ strategies and plans, bringing security and governance expertise; ensures the security strategies align with the company’s strategic goals.
• Contributes to best practices in overall IT risk management, alignment with corporate ERM programs, and ensures adequate controls and segregation of duties in IT.
• Provides mentorship, staff development and participates in succession planning.
• Coaches and develops team members on risk management.
• Champions and participates in events for the Company’s PROUD program.
• Manages other initiatives as required.

Education and Qualification Requirements:

• Post-secondary education in IT or a suitable combination of education and experience.
• Industry certifications such as CISSP, CCSP, CISA, CISM or similar are expected.
• Knowledgeable in frameworks and standards such as COBIT, NIST, ISO 27002, and ITIL and how they can be practically leveraged and/or implemented.
• Proven experience in overseeing/developing information security architectures and roadmaps and supporting their execution.
• Ability to keep current with the evolving vulnerability and threat landscape.
• Ability to balance short-term results with long-term needs and to offer incremental approaches to achieve strategic objectives.
• Ability to effectively research emerging technologies and trends, standards, products, and services.
• Ability to analyze project, program and portfolio needs, as well as to determine the resources needed to achieve objectives and overcome cross-functional barriers.
• Ability to work across Information technology and compliance functions supporting the Information security mandate.
• Ability to balance short-term results with long-term needs and to offer incremental approaches to achieve strategic objectives.
• Experience with threat risk modelling and attack surface assessments.
• Minimum 6-8 years progressive work experience in information technology.
• Minimum 5 years of technical experience in information security.
• Minimum 3 year as an Enterprise Architect or Solution Architect, preferred.
• Experienced in managing external and internal audit requests on a timely basis and coordination of remediation efforts.
• Advanced written and oral communication skills required.
• Computer literacy in MS Office required.
• Relationship and stakeholder management skills. Great Canadian operates in a highly regulated environment with multiple regulatory stakeholders.
• Ability to obtain gaming registration in multiple jurisdictions – comprehensive background checks and disclosure of personal and financial information directly to gaming regulators required.

What’s in it for you?

• Access to health, vision care, dental benefits, and a retirement program with competitive matching options.
• We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success.
• We provide you with the tools and technology needed to delight your clients.
• You’ll get to work with and learn from diverse industry leaders, who have hailed from top organizations around the world.
• Freedom to Innovate: supports new and better ways to be successful.
• Be your Authentic Self: an environment that values diversity as a source of strength.
• This isn’t your typical “corporate” job. We work hard and we have fun!