Overview
We are seeking a Senior DevOps / Cloud Engineer to join our security architecture practice and drive the design of secure, enterprise-scale digital solutions. The successful candidate will partner with business, product, and engineering stakeholders to embed cybersecurity by design principles from the outset—ensuring that every solution is aligned with industry standards, compliance mandates, and organizational security goals.
This role requires a well-rounded technical leader with deep expertise across cloud, application, data, and information security. The Senior Security Architect will conduct security assessments, develop reusable design patterns, and provide hands-on architecture guidance while also mentoring junior team members and building strong client relationships.

Key Responsibilities

• Partner with business, engineering, and product teams to define and translate security requirements into architecture designs.
• Conduct threat modeling, risk assessments, and security analyses across inception, design, and implementation phases.
• Develop and maintain reusable “secure-by-design” patterns for cloud (IaaS/PaaS), SaaS, and hybrid solutions.
• Architect identity and access management solutions (SSO, MFA, PKI, RBAC/ABAC, federated identity).
• Design network and infrastructure security controls (segmentation, firewalls, security groups, SASE, micro-segmentation).
• Specify data-protection mechanisms (encryption, KMS/Vault, tokenization, transparent data encryption, DLP, database monitoring).
• Integrate security telemetry (logs, events, alerts) into SIEM (Splunk Cloud, Azure Sentinel) and automate with SOAR workflows.
• Embed security into DevSecOps pipelines via Infrastructure-as-Code (IaC) templates, CI/CD, and automated testing.
• Facilitate architecture review boards, governance gates, and design workshops.
• Mentor junior architects and engineers, promoting adoption of secure design principles.
• Build and maintain strong client relationships, ensuring trust and alignment on security solutions.

Required Skills & Experience

Core Security Domains

• Identity & Access Management: SSO, MFA, PKI, OAuth/OIDC, SAML, RBAC/ABAC.
• Infrastructure Security: Cloud (AWS, Azure, GCP) hardening, segmentation, firewalls, SASE.
• Data Protection: KMS/Vault, TDE, tokenization, DLP, database activity monitoring.
• Application Security: Secure SDLC, threat modeling (STRIDE/DREAD), API gateway, WAF, container/serverless security.
• Security Operations Tools: SIEM (Splunk Cloud, Azure Sentinel), SOAR, EDR (Defender, Cortex XDR).

Architecture & Design Expertise

• Apply frameworks such as TOGAF, NIST CSF, CIS Controls.
• Lead requirements gathering and produce solution design artifacts (architecture diagrams, data flow, sequence models).
• Provide implementation guidance (IaC templates, configuration, logging-agent deployments).
• Chair architecture review boards and enforce governance.

Agile Delivery & Collaboration

• Experience with Agile/Scrum: backlog management, user stories, sprint ceremonies.
• Embed security controls into CI/CD pipelines.
• Facilitate workshops aligning SecOps, DevOps, and product teams.

Public Sector & Regulatory Awareness

• Familiarity with FIPPA, PHIPA, PCI DSS, AODA, ISO 27001.
• Experience embedding compliance controls, audit trails, and retention policies into solution design.

General Skills

• Proven leadership in technical security architecture and secure solution delivery.
• Deep expertise in at least two public cloud platforms (AWS, Azure, GCP).
• Strong knowledge of application architecture, networking, and security operations.
• Skilled in structured design methodologies and ITIL processes.
• Excellent communication skills—able to present to both technical and executive audiences.
• Collaborative team player with strong stakeholder management and client relationship skills.
• Strong analytical, problem-solving, and decision-making capabilities.
• Awareness of emerging security technologies, trends, and compliance requirements.

Job Type: Fixed term contract
Contract length: 12 months
Pay: From $70.00 per hour

Application question(s):

• How many years of hands-on experience do you have with RedHat Enterprise Linux (v7 or later)?
• How many years of experience do you have with UNIX Solaris (v10)?
• How many years of experience do you have with Mainframe IMS Connect?

Location:

• North York, ON (preferred)

Work Location: Hybrid remote in North York, O

• Partner with business, engineering, and product teams to define and translate security requirements into architecture designs.
• Conduct threat modeling, risk assessments, and security analyses across inception, design, and implementation phases.
• Develop and maintain reusable “secure-by-design” patterns for cloud (IaaS/PaaS), SaaS, and hybrid solutions.
• Architect identity and access management solutions (SSO, MFA, PKI, RBAC/ABAC, federated identity).
• Design network and infrastructure security controls (segmentation, firewalls, security groups, SASE, micro-segmentation).
• Specify data-protection mechanisms (encryption, KMS/Vault, tokenization, transparent data encryption, DLP, database monitoring).
• Integrate security telemetry (logs, events, alerts) into SIEM (Splunk Cloud, Azure Sentinel) and automate with SOAR workflows.
• Embed security into DevSecOps pipelines via Infrastructure-as-Code (IaC) templates, CI/CD, and automated testing.
• Facilitate architecture review boards, governance gates, and design workshops.
• Mentor junior architects and engineers, promoting adoption of secure design principles.
• Build and maintain strong client relationships, ensuring trust and alignment on security solutions