Senior Security Architect (12 Month Contract)
Location: Remote
Staffing Placement Opportunity
The candidate will analyze security threats and risks, develop security policies and procedures, and implement security technologies to prevent unauthorized access, data breaches, and other security incidents.
The Senior Security Architect will provide the following services:
- Deep understanding of technical aspects of cybersecurity, including network and system architecture, security protocols, security operations, and incident response.
- Designing and implementing security solutions, such as SIEM, firewalls, intrusion detection and prevention systems, and encryption technologies, to protect company technology and information systems.
- Development and tuning of SIEM use cases and other security control configurations to enhance threat detection capabilities.
- Experience with industry-standard security tools and technologies, such as SIEM systems, endpoint protection solutions, and vulnerability scanning tools.
- Perform in-depth investigation of security alerts received from various security controls/technologies, assess the risk, and recommend corrective actions when required.
- Coordinate with appropriate internal/external stakeholders during the investigation process to determine whether a security incident has occurred, identify the root cause, and provide appropriate recommendations for remediation.
- Create and maintain incident response plans and procedures to respond to security incidents.
- Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas.
- Conducting security assessments and risk analysis to identify potential vulnerabilities and threats to company technology and information systems.
- Define, implement, and maintain security policies and procedures to ensure compliance with industry standards and regulations, such as FOIPPA.
- Conducting regular security audits and vulnerability assessments to ensure that security controls are operating effectively.
- Monitoring and investigating security incidents and breaches and taking appropriate action to mitigate the impact of such incidents.
- Understanding of relevant industry security standards and protocols including ISO27001 and National Institute of Standards and Technology (NIST).
- Understanding of two or more programming/scripting languages (C, C++, C#, PHP, Perl, Java, and Shell) and ability to run basic database queries.
- Providing guidance and training to other IT security staff on security best practices, including how to identify and respond to security threats.
- Collaborating with other departments, such as privacy, legal, and IT, to ensure that security policies and procedures are aligned with company goals and objectives.
- Staying up to date with emerging security threats and technologies and making recommendations for security posture improvements.
- Strong written and verbal communication skills and the ability to present complex technical topics in easy-to-understand language.
- CISSP and GIAC certifications preferred.
Mandatory Skills:
- Undergraduate or master's degree in computer science, information systems, cybersecurity, or related field. An equivalent combination of education, training and/or experience may be considered.
- Minimum of eight (8) years demonstrated experience in information security
- Minimum of five (5) years demonstrated project experience as Senior Security Architect/Engineer
Desired Skills:
- Five (5) years of demonstrated recent experience in network and system architecture, as well as experience working with industry-standard security tools and technologies, such as security information and event management (SIEM) solutions, firewalls, intrusion detection and prevention systems, and vulnerability scanning tools.
- Three (3) or more years of demonstrated recent experience in emerging security technologies, such as cloud security, IoT security, and AI/ML-based security solutions.
- Five (5) or more years of demonstrated recent experience in analyzing complex systems and network architectures, identifying potential security risks, and developing solutions to address those risks.