Lead Consultant, Security Consulting and Design (SCAD) is an advisor and subject matter expert representing technology with the responsibility of securing our applications and (on-prem & multi-cloud) infrastructure. This is a key role shaping the strategy and implementation of technology projects and platforms across the Bank.
You will provide expert security consultation to project, business, platform, and development teams on new initiatives. You will participate in infrastructure and application roadmaps to help modernize and maintain the Bank’s infrastructure and application ecosystem with a security lens. You will help guide and lead the technical teams throughout the development cycle. Provide operational support as required.
We are looking for a well-rounded senior cybersecurity resource who has managed bigger projects in consulting role and has in-depth knowledge in various cybersecurity domains. The candidate will work closely with senior technology leaders and executive business stakeholders to understand business strategies and ensure technology solutions align strategically, are customer focused, while keeping an agile and innovative mindset. It is not a hands-on or tool focused role.
Reports to: AVP, Cybersecurity Consulting and Design
Responsibilities/Duties
- Work with the business and technical teams to define scalable, available, and resilient end to end solutions spanning digital front and back-end systems considering the enterprise architecture strategy in the appropriate security domains.
- Contribute to the production and maintenance of architecture artifacts in relation to project assigned to him/ her e.g. CIAM, SIEM, IGA, CLM, Public Cloud, Data protection, Threat and Fraud Management, and Application/Network/ Endpoint/Infrastructure security.
- Subject matter expert contributing to security reviews.
- Have in depth understanding of technology solutions, including cloud, containerization, virtualization, CI/CD APIs, and n-tier application stack.
- Expert knowledge in public (AWS, Azure) and private cloud implementations
- Well versed in network architecture and best practices
- Contribute to the creation and maintenance of the technology application and infrastructure roadmaps to modernize platforms to meet business objectives.
- Demonstrate analytical mindset with strong affinity for problem solving in complex environments.
- Influence the Bank's strategic orientation by implementing technological solutions that optimize the quality of services and operations.
- Ensure solutions being proposed are viable and balance strategic and tactical goals and meet project budget and timelines.
- Perform analysis to understand the impact of changes to upstream and downstream systems.
- Contribute to the growth of the architecture practice by helping define enterprise architecture objectives and standards.
- Provide subject matter expertise, help lead the technical teams and be a trusted advisor to the business.
- Work closely with Solution, Infrastructure and Data architects to ensure all facets of architecture are being considered.
- Demonstrate excellent communication and negotiation skills required to clearly articulate and explain the proposed solution to senior stakeholders.
- Experience with license and capacity planning
- Work closely with vendors for outsourced solutions. Review vendor solutions and recommendations
- Ability to work across multiple projects / development stream initiatives in parallel.
Minimum Requirements
- 10+ years of core cybersecurity experience implementing security solutions for large programs with excellent understanding of how to build resilient systems in a complex ecosystem.
- Proven experience working in a highly complex multi platform 24/7 environment.
- Must be experienced in creating a strategic cyber security technology direction, aligning it with tactical activities, and communicating plans broadly across the organization.
- Working knowledge in network, storage, application development, Operating Systems, CIAM, PAM, SSO, encryption standards.
- Prior experience of working with information security frameworks and standards including the NIST Cyber Security Framework, NIST 800-53, OWASP, PCI DSS and OSFI in agile work environment.
- Strong leadership and stakeholder management skills
- Knowledge of the banking and financial sectors
- Experience in Enterprise or solution architecture.
- Strong team player with demonstrated ability to work in a fast-paced environment
- Experience in design and development of high availability platforms
- Experience working across multiple large-scale cloud providers, including AWS, Azure, and Google Cloud.
- CISSP and one of the Cloud Security certifications (CCSP, AWS SS, Az 500) is a must.