CoreFactor is searching for an experienced Cybersecurity Architect to join one of our clients in the GTA on a contract basis.
This role is hybrid and will require the successful candidate to come into the downtown, Toronto office two (2) times per week.
Reporting to the Manager, Cybersecurity, you will be a senior member of the Cybersecurity Operations team. You will be instrumental in improving the organization’s security posture and will work closely with internal business units and vendors alike to safeguard users, infrastructure, applications, and workflows. You should be able to work in a fast-paced and collaborative environment, with the ability to be nimble, multi-task, and problem solve. You take initiative, excel at strategic planning, and can handle multiple initiatives in parallel.
The Role:
- Work as a Cybersecurity subject matter expert to deliver projects from initiation through to successful implementation.
- Help develop and execute the organization's cybersecurity strategy, ensuring alignment with business goals and emerging threats.
- Collaborate across various technical and non-technical departments to ensure projects and initiatives adhere to established Cybersecurity standards.
- Integrate and enhance existing Cybersecurity technologies to address inherent and residual risk.
- Understand Cybersecurity maturity and provide evidence to Governance and Compliance teams when completing assessments and audits.
- Apply fixes, patches, updates, and suggest configuration remediations where identified as deficient.
- Deploy logging, alerting, and auditing configurations for integration with 24/7 monitoring (SOC).
- Review native network, endpoint, and cloud technologies and tune configurations based on best practices.
- Research technologies to identify, recommend, and deploy best-in-breed 3rd party security solutions.
- Research emerging threats, attack vectors, and techniques.
- Help define, document, and test incident response playbooks.
- Respond to Cybersecurity events, alarms, and incidents.
- Provide technical guidance and mentoring to peers, less experienced analysts, and project stakeholders.
Requirements
- 5+ years of professional Cybersecurity experience in a senior role supporting a wide range of complex technologies.
- Proven record of implementing and scaling enterprise-level Cybersecurity solutions.
- Ability to effectively communicate to technical and non-technical stakeholders in written, oral, and presentation formats.
- Extensive understanding of NIST CSF and CIS Benchmarks.
- In-depth understanding of vulnerability and threat, including CVE, MITRE/ATT&CK, and OWASP.
- Intimate understanding of the Zero Trust security model.
- Advanced understanding of SIEM technologies including event correlation, corroboration, tuning, and testing.
- Expert-level understanding of endpoint technologies such as AV, EDR, UEM, and privilege management.
- Experience leading incident response initiatives, including conducting tabletop exercises, post-incident reviews, and root cause analyses.
- Hands-on experience with network security technologies such as firewalls, IDS/IPS/ATP, URL filtering, DDoS mitigation, and E-mail protection.
- Familiarity with Cloud Security fundamentals as they apply to AWS, GCP, and Azure.
- Understanding of Data Loss Prevention solutions, techniques, and policies.
- In-depth understanding of traditional routing and switching as well as Software Defined Networking technologies such as Cisco ACI.
- Practical experience with administration of Network Packet Broker and Network Access Control technologies.
- Understanding of Identity and Access Management/Modern Authentication solutions such as OAuth2 and SAML 2.0.
- Comfortable with Active Directory-based networks, including Azure AD.
- Familiarity with Windows, Mac, and Linux operating systems in both physical and virtualized environments.
- Working knowledge of PKI.