Security Architecture Specialist Job In Montreal

Job Description

We are seeking a skilled and motivated Security Architecture Analyst to join our team. This role is critical in performing security architecture assessments, developing remediation strategies, and helping to ensure our systems and applications meet global security standards. The ideal candidate will have a solid technical background, excellent communication skills, and the ability to assess both application and infrastructure security in an enterprise environment.

Key Responsibilities:

1. Initiate communication with system owners/vendors to collect background information and schedule interviews for security assessments.
2. Conduct thorough remote and/or in-person interviews with system owners and vendors to identify security gaps and gather detailed system data.
3. Review technical documentation such as system specifications, architecture diagrams, requirements, and test plans to evaluate adherence to security standards.
4. Collaborate with Senior Security Architecture Analysts and other stakeholders to review findings and address concerns.
5. Conduct comprehensive security assessments based on documentation and interviews.
6. Develop clear, detailed security architecture assessment reports identifying root causes and providing actionable remediation strategies.
7. Contribute to the development of global security standards, guidelines, and processes.
8. Evaluate and make recommendations for the adoption of new and emerging security technologies.

Basic Qualifications:

1. 3+ years of experience in Security Architecture Assessment.
2. Bachelor's degree in information systems security, Computer Science, or a related field.

Preferred Skills & Certifications:

1. One or more professional certifications such as CISSP, SSCP, or CISM (in good standing) strongly preferred.
2. Strong verbal and written communication skills, with the ability to present to both technical and non-technical stakeholders.
3. Experience in application and/or infrastructure security in enterprise environments.
4. Ability to explain and guide developers on common vulnerabilities (e.g., XSS, CSRF, Injection attacks) and remediation methods.
5. Proficiency in articulating technology risks to business stakeholders.
6. Ability to work under pressure and meet tight deadlines.
7. Strong knowledge of access control technologies including SSO, SAML 2.0, and Kerberos.
8. Familiarity with OWASP Top 10 vulnerabilities and best practices.
9. Excellent analytical, research, and problem-solving skills.
10. Knowledge of security incident response procedures, threat modeling, and various attack vectors.
11. Solid understanding of network and system infrastructure and security best practices.