JobWings Logo
Maarut Inc logo

Security Architect

Maarut Incabout 16 hours ago
Montreal, Quebec, Canada
Senior Level
CONTRACTOR

About the role

This role focuses on areas where architectural decisions determine the security posture for the entire lifecycle of solutions, supporting projects and operations within a business line. You will act as an architecture advisor. You will produce security architectures and security opinions, define the requirements and controls applicable to business systems, and support developers, systems engineers, and security teams in their implementation. Your cybersecurity risk assessment will guide portfolio decisions. Security is integrated from the design stage and maintained throughout the entire lifecycle. Client is seeking a Security Architect to provide consulting services to a business line, not a Controls Operator or a SOC Analyst. The role revolves around three recurring deliverables: security architectures, security advisories, and consulting services for portfolio teams. The terminology used (security by design, requirements and control definition, compliance with regulatory frameworks) positions the role upstream in the lifecycle, during the design phase, rather than in the remediation phase. The mention of project and train support as a significant asset, combined with the Agile SAFe requirement, indicates that the candidate will be assigned to one or more trains and will be expected to participate in planning ceremonies. The ideal candidate is a cybersecurity practitioner with 10 years of experience, at least half of which has been spent in architecture, and is comfortable balancing regulatory requirements with the realities of delivery for development and systems engineering teams. Requirements 10 years of cybersecurity experience 5 years of security architecture experience, included within the 10 years Knowledge of NIST 800-53, CIS Controls 18, and ISO frameworks Ability to work in an Agile (SAFe) environment Production of security architectures and security assessments/recommendations Definition of security requirements and security controls for business systems

Requirements Desired Security-by-design approach applied throughout the entire lifecycle Cybersecurity risk assessment

Asset Experience supporting projects and/or Agile trains, identified by the client as a significant asset Insurance industry experience Note: The five years of security architecture experience are included within the ten years of cybersecurity experience and are not cumulative. The three frameworks (NIST 800-53, CIS Controls 18, and ISO) form a complementary standards ecosystem; demonstrated proficiency in two of them, supported by relevant project experience, is considered sufficient to satisfy this criterion.

About Maarut Inc

IT Services and IT Consulting

Similar Jobs