Promoting security awareness and development.


Benchmark Tech Recruitment is looking for a Security Architect on behalf of their client, Coast Capital Savings.


What’s the job?

At Coast Capital Savings we’re on a mission to empower members to achieve what’s important in their lives. We’re looking for someone who’s passionate about helping and making a meaningful impact. As the Security Architect, you’ll be responsible for developing security architecture strategies and roadmaps. You will also be responsible to architect business solutions that meet security and compliance mandates with other architects of the EA team, ensuring the overall IT solutions integrates with various operational security systems to facilitate defense in depth, cyber hygiene, security monitoring, security incident response and minimize breach impact. You will partner with stakeholders across the organization to securely achieve the functional requirements of business initiatives.

What you’ll get to do:

  • Establish a strategic security architecture vision, including reference architectures and frameworks that are aligned with overall business strategy
  • Participate in solution architecture design; lead security efforts assisting with the integration and initial implementation of solutions
  • Understand current as well as emerging security threats and design security architecture to mitigate threats where possible
  • Contribute to secure systems and application development and system integration methodologies
  • Responsible for assessing and auditing network controls and security zoning.
  • Responsible for recommendations that increase cost effectiveness and systems flexibility utilizing knowledge of current or emerging technologies and threats as they pertain to Coast systems development efforts.
  • Provide technical leadership in the area of Information Security including guidance, mentoring and skills development.
  • Maintain expert knowledge of regulatory, industry, security and privacy standards. Makes recommendations to security policy, directives and guides to ensure CCS security program evolve to new standards.
  • Responsible to assess, recommend, and design for security products and services, such as anti-virus, firewalls, DLP, SIEM, Web Security Gateways, and email SPAM.
  • Responsible for risk assessing and identifying control strengths/weaknesses and opportunities for improvement of current/proposed infrastructures.
  • Responsible for security and compliance audits, internal/external penetration analysis, and vulnerability research.
  • Review existing architecture, identify design gaps and recommend security enhancements
  • Serve as Information Security subject matter expert; provide advisory and consulting services as needed.
  • Serve as a security expert in application development, database design, network, and/or platform (operating systems) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
  • Contributes to the development and maintenance of information security strategy and architecture.
  • Leads the solution design of foundational security services to be consumed by enterprise information systems.
  • Work with various IT teams to determine and provide direction in the planning and implementation of defenses on systems, infrastructure, operations and facilities.
  • Review the implementation and operation of security systems and their corresponding or associated software to ensure they operate as designed.

Who are we looking for?

A Security Solutions Architect that will act as a team lead, overseeing risk consulting decisions made by security risk personnel’s.

  • 7+ years of relevant experience in IT
  • Minimum of 5 years’ experience building high level security architecture strategies and roadmaps
  • Proficient at assessing and auditing network controls and security zoning; risk assessing and identifying control strengths/weaknesses and opportunities for improvement of current/proposed infrastructures.
  • One or more Industry security certifications such as CISSP, ISSAP, ISSMP, CISM, CGEIT, CRISC, CISA required and one or more relevant SANS and/or technical vendor/industry certification required
  • Advanced understanding of Enterprise Architecture practices and frameworks (TOGAF, Zachman)
  • Advanced hands-on proficiency with Microsoft enterprise level products and Unix/Linux based environments and technologies
  • Advanced to expert working knowledge in the application of ISO 27001/2 other security compliance certifications
  • Proficient to advanced knowledge of legislation and regulations affecting information security and the financial industry and other industry best practices
  • Solid knowledge and hands-on experience of web technologies like Application Servers, J2EE, ESB, web services, HTTPS, SOAP, Java Script framework, Sql/NoSql Database
  • Solid knowledge and hands-on experience on application integration patterns and techniques, Experience web services/API design.
  • Excellent organizational skills and the ability to manage priorities judiciously
  • Ability to present ideas in business-friendly and user-friendly language
  • Exceptionally self-motivated and directed
  • Superior analytical, evaluative, and problem-solving abilities with a keen attention to detail
  • Ability to be successful in a team-oriented, collaborative environment
  • Ability to research, recommend and implement industry best practices

Key Requirements and Notes:

  • This role will work closely with our Architecture team, BA’s and interface with senior business leaders to convey security challenges
  • Must have strong business acumen, be a strategic thinker, knowledgeable in architecture methodology
  • Strong communication and presentation skills
  • Work as a team lead on functional work as they’ll be the most Senior on the Security Risk team
  • Experience in Cloud technology and applying security controls to Cloud would be an asset
  • Strong documentation skills
  • New Director of Security at Coast in the last year
  • There was a CISO consulting firm from PwC who built out the original framework
  • Telus is currently doing some of the security work (functional security, technical, monitoring, etc) at Coast as they move from an outsourced service to building their own internal security team
  • There is currently 1 director, 1 security architect, 4 security analysts

Candidates interested in this position should contact Annie Conley at Benchmark Tech Recruitment at annie@bmtrecruitment.com or 778-938-3405.




This entry was posted on June 14, 2018