At CAAT, we’re passionate about what we do. And it shows!
Here, you’ll find a cultural spark in everything we do – from the way we partner with members and employers, to the way we work, collaborate, and grow. It doesn’t just feel different at CAAT. It is different. We’re one of the fastest-growing pensions in the country for a reason. We challenge the status quo, making a real impact on the hundreds of employers we serve – from education institutions to major corporations and household brands. And we’re just getting started. Driven by core values and a shared purpose, we’re fierce champions for better retirement security, known for our can-do culture where everyone plays a role in bringing our vision to life. If this sounds like a fit, we’d love you to be a part of it.
About the Role:
The Senior Security Architect (Enterprise and Emerging Tech) is a technical subject matter expert responsible for architecting, developing, and validating secure solutions across CAAT's hybrid cloud and AI-driven technology ecosystem. This role includes full-spectrum enterprise security architecture along with advanced focus on GenAI platforms, low-code/no-code AI tools, agentic AI systems, and machine learning pipelines. The incumbent will lead advanced security-by-design implementations, develop scalable security reference architectures, and implement end-to-end security testing frameworks around current enterprise infrastructure and emerging technologies.
As the Newest Member of our Team, You’ll:
- Develop and implement secure enterprise architectures by collaborating with cross-functional teams to align future-state roadmaps across network, platform, and application domains, with a strong focus on Microsoft Azure environments.
- Lead "security by design" initiatives across the full system development lifecycle, including threat modeling, architecture reviews, and risk-based control implementation in hybrid and AI-enabled platforms.
- Architect and deploy advanced Azure security solutions, including Microsoft Defender, Azure Sentinel, Key Vault, and identity/access management frameworks such as conditional access and privileged identity management.
- Conduct hands-on security assessments and penetration testing, creating and maintaining architecture artifacts like blueprints and security patterns while ensuring alignment with organizational cybersecurity strategies and frameworks.
- Implement and integrate security-by-design principles within CI/CD pipelines, configuring tools such as SAST, DAST, SCA, and IaC scanners to enable automated security testing and compliance throughout the SDLC.
- Lead secure DevSecOps practices by managing secrets, configuring security gates and approval workflows, and overseeing vulnerability management and remediation across deployment pipelines.
- Architect and implement secure-by-design frameworks for GenAI platforms, MLOps pipelines, and LLM integrations, including federated learning environments and agentic AI systems, with a focus on Azure, AWS Bedrock, and hybrid workloads.
- Define and enforce AI/ML-specific security controls such as model integrity, data lineage, drift detection, adversarial robustness, prompt injection mitigation, and secure integration of LLMs with RBAC and ethical AI considerations.
- Secure low-code/no-code AI platforms and third-party integrations, performing threat modeling (MITRE ATLAS, NIST AI RMF), assessing risks in APIs, vector databases, orchestration frameworks (e.g., LangChain), and supporting red/blue team readiness for AI-specific threats.
- Lead DevSecOps and compliance for AI systems, embedding security into CI/CD and ML pipelines, enabling continuous monitoring and telemetry for AI workloads, and supporting PCI-DSS, ISO 27001, and enterprise cybersecurity architecture initiatives.
To Succeed, You Bring:
- Bachelor’s degree in Computer Science, AI, Information Security, Cybersecurity, or related technical field.
- 10 years of cybersecurity experience with a strong emphasis on hands-on security architecture and engineering for cloud and AI systems.
- Over 8 years of expertise in cloud security architecture and engineering, with a strong focus on Microsoft Azure services, governance models, secure API development, and the implementation of secure data and model validation pipelines.
- CISSP certification required.
- Excellent written and verbal communication coupled with solid technical skills
- Experience with Zero Trust architecture applied to AI environments.
- Expert-level hands-on experience with Microsoft Azure security services, configurations, and best practices.
- Deep technical knowledge of network security, application security, endpoint security, and data protection.
The target hiring salary for this position is $125,000 – $157,200. Placement within our salary range will be based on factors such as internal equity, market conditions, and the candidate’s experience, skills, and qualifications relevant to the role.
At CAAT, we believe innovation, passion, and purpose are ingredients for a great work environment. We’re incredibly proud of our people and the remarkable impact they have as catalysts for change. We’re committed to attracting and keeping great talent, which means competitive compensation, exceptional benefits, and an environment where people can grow and thrive. When you work with CAAT, you’ll enjoy:
- Opportunities to Build a Better You: We never stand still. As we grow, so do you. Enjoy a place that provides endless opportunities to learn and master your skills while cultivating new ones.
- Comprehensive & Holistic Care: Be at your best with a Total Rewards program that feeds and prioritizes your physical, mental, and financial wellness. From flexible work arrangements, comprehensive benefits to wellness incentives, and a defined benefit pension plan – we have you covered.
- A Place to Collaborate and Win: We’ve built a lively environment where creativity and open communication thrive. It’s why we’re consistently recognized as one of ‘Canada’s Most Admired Corporate Cultures’, one of ‘Greater Toronto’s Top Employers’, and one of the ‘Best Places to Work’.
- Work that Truly Matters. You’re giving Canadians the opportunity for better retirement security, and organizations the chance to do more.
If you believe that Canadians deserve a future where a secure lifetime retirement income contributes to their financial and overall well-being, then CAAT could be the right fit for you. Start your journey with us today. Apply now.
Learn more about us by visiting www.caatpension.ca/careers
No artificial intelligence tools are used to screen, assess, or select applicants for this position. Artificial intelligence tools may be used to help recruiters identify potential candidates on external platforms. All hiring decisions are made by human reviewers.
Diversity, Equity, Inclusion, and Belonging (DEIB):
DEIB at CAAT means we respect and value the broadest range of experiences, geographies, gender, ethnicities, backgrounds, and perspectives as key elements of our culture. Our vision is to provide an environment where employees can bring their best, professional, authentic, selves to work.
CAAT Pension Plan is an equal opportunity employer, and we will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers to accommodate those with disabilities, if requested. Should any applicant require accommodation through the application processes, please contact us at hr@caatpension.ca or call Human Resources at 416-673-9000 for assistance.
Vacancy:
This posting is for an existing vacancy
#SJ
Work Location: In person
