Principal Cybersecurity Architect
What’s it like working as a Principal Cybersecurity Architect at Questrade?
As a Principal Cybersecurity Architect, you will work in the CISO organization and report to the Manager of Cybersecurity Engineering. You will use your subject matter expertise to continuously enhance the organizational cybersecurity posture and architect security solutions that will minimize cybersecurity risk to our systems, information and customers in the highly regulated financial services industry. You will support engineering velocity in alignment with business priorities, enterprise risk appetite, information security policy and standards, cybersecurity strategy and target architecture. Your expertise will drive enhancements to the application security program and the enterprise S-SDLC.
Need more details? Keep reading…
- Design and formally document, using QFG-defined methodology, the security architecture of our line of businesses (journeys), products, and solutions
- Drive the design and implementation of new solutions that will enhance our security controls and support our existing and future financial service offerings and platforms
- Identify gaps, architect solutions and develop business cases with clear justifications and cost/benefit analyses for cybersecurity initiatives and annual budget planning
- Successfully communicate security risks, challenges and opportunities to leadership and internal stakeholders within engineering departments
- Utilize your strong interpersonal and consulting skills and work collaboratively with technology peers within the CISO and CIO organizations, including enterprise architecture, cloud engineering and infrastructure areas, to enhance our application security posture and offer security guidance and advisory services.
- Participate in threat risk assessments and IT change management initiatives to assess change-driven application security risks that are out of compliance with Information Security policy, cybersecurity standards or best practices and provide mitigation guidance
- Participate in the due diligence process to assess the application security posture of M&A targets, quantify the risk, suggest remediations and produce detailed reports
- Produce extensive high-quality documentation, architecture diagrams, and presentations and support the development of cybersecurity documentation, policies, standards, and procedures
- Utilize your knowledge in application security frameworks, guidelines and best practices such as NIST CSF & SSDF, OWASP SAMM, BSIMM and similars to identify gaps and drive S-SDLC improvements with the organization
So are YOU our next Principal Cybersecurity Architect? You are if you…
- 10+ years of combined cybersecurity experience on domains related to application security and security architecture
- Prior experience as enterprise/solutions architect, devops engineer or software engineering role
- Extensive knowledge of the S-SDLC, it’s underlying processes and demonstrable experience in all of the stages therein
- Extensive knowledge of application security concepts and practices, including threat modeling, designing and implementing secure application architectures, designing and implementing secure build and secure deploy infrastructure and processes
- Extensive knowledge of cloud computing concepts and solutions, including public, private, and hybrid cloud
- Proven experience architecting solutions for the cloud, with bonus points for Google Cloud experience
- Strong experience with microservices architectures, IaC, containers and Kubernetes environments
- Deep knowledge of defense-in-depth and zero-trust concepts in a cloud-native environment, e.g. applying authorization policies at gateways, sidecars and application layers, and trusted sub-zones
- Experience with performing security reviews and Threat Risk Assessments
- Possess relevant security, application security and security architecture certifications
- University/Community College Business Administration, Information Technology or Engineering degree/diploma (or equivalent) or equivalent work experience
- Excellent English communication skills (written and oral)
- Strong interpersonal skills with prior advisory or consulting background
- Self-driven with strong project management and coordination skills
Sounds like you? Click below to apply! #LI-CP1
Other details
- Pay Type Salary
- Zeev Jabotinsky St 3, Ramat Gan, 5252005, Israel