Senior Security Architect (Cloud and Software Security Controls)
Hybrid – Toronto – 2 days/week (likely Tuesdays/Thursdays)
Contract Duration: 6 months with high possibility of extension
• Business group: Cloud & Application Security Product and Architecture - team is a product group within Cloud and Applications Security. This team focuses mainly on strategy building.
• Project: Application Security SME contractor needed to help design the new software composition analysis (SCA) platform and migration strategy from Black Duck into Cloud. Will be supporting AppSec Product (OSS).
Migration from the current SCA tool to another vendor, and from on-prem to Cloud. A lot of integration work is needed: SSO, LAM/WAM, JIRA integrations, ServiceNow, log monitoring, pipeline integration, artifact integration. The expectation is that the Architect should be able to lead these integrations and the migration and have experience with all of these. Will be working on other projects later on, so DAST, SAST.
Typical Day in Role:
• Network security in cloud is one of the crucial security domains, requires highly specialized experience, and forms a fundamental building block in the entire cloud architecture.
• SCA Design for selected vendor including the below tasks:
- SCA SaaS Tenant set up
- SCA SaaS Integration with Bank incl. SSO, ESLM, CI/CD
- Migration Design from Black Duck to a new SCA vendor
• Collaborate with cloud infrastructure, DevOps and development teams to integrate security during the design and development phases.
• Provide mentorship and training to other team members on cloud security principles.
• Help develop test cases and drive Proof of Value (POV) to completion.
• Help develop a procedure.
• Contribute to SCA project onboarding process development.
• Contribute to system architecture.
• Establishing seamless integration between cloud and on-prem
• Evaluate existing integrations
• Form a connection when talking about the security tools for platform integration into cloud
Must Have Skills:
1. 10+ years’ experience in IT overall WITH 5+ years in Security architecture/integration/implementation roles
2. 4+ years’ experience with Software Security Controls Architecting and Solutioning, with proven project experience with large migrations
3. Strong demonstrated experience with SSO, LAM/WAM, JIRA integrations
4. 2-3+ years’ recent project experience with integration, specifically with various cloud and on-prem solutions (experience with any public cloud is OK – AWS, Azure, GCP)
5. 5+ years strong SDLC experience
Nice-To-Have Skills:
• Recent experience with and understanding of some/any of the following is a strong asset: SBOM, SCA, SAST, DAST, OSS libraries and licenses, CI/CD pipelines
• Experience with deployment and managing IaaS, PaaS & SaaS solutions
• Experience in the financial industry
• Experience with CI/CD tools: Jenkins, Azure DevOps, GitLab CI/CD, CircleCI, Bitbucket/GitHub, JFrog Artifactory, Ansible, Confluence, Jira, Bamboo, etc.
Soft Skills Required:
• Strong analytical and problem-solving skills, with an ability to think strategically and tactically about complex cloud security issues.
• Communication: excellent written and verbal communication and interpersonal skills
• Fast learner with strong analytical skills and improvement mindset
• Must be able to operate independently within tight time frames
• High energy, demonstrated ability to work under pressure, deals well with ambiguities and uncertainties, and drives results.
• CISSP or similar security certifications are an asset
Best vs Average: We are seeking a contractor to drive the team in developing the test cases and POV. Experience developing high-level architecture, deployment, and integrations is critical to this role. There is a dedicated support team; however, the selected resource should seek necessary approvals and provide guidance for deployment.
- Virtual and in-person interviews. In-person interviews will be in downtown Toronto on Tuesdays or Thursdays (HM can accommodate as needed, but please note these days)
- Two rounds of interviews:
- 1st round via MS Teams, panel technical and behavioral interview (HM and one other potentially)
- 2nd round – 1 hour – with HM + HM’s manager in person – technical interview with scenario-based questions; if in person, will be solutioning live on paper/whiteboard