About the role
Our client, the Bank of Canada has a 2 year remote contract opportunity for a Security Architect
Under the direction of the Assistant Director, Cyber Architecture; • Provide cyber security, and emerging technology advisory services to support the Bank's strategic objectives and transformation initiatives. • Assess current and target-state technology architectures to support secure, compliant, resilient, and risk-based business transformation. • Identify, assess, and communicate cybersecurity related concerns. • Develop, maintain, and enhance IT security standards, policies, architectural principles, governance requirements, control frameworks, reference architectures, architecture building blocks, secure design patterns, and AI security guidance aligned with Bank standards, regulatory expectations, and industry best practices. • Conduct security architecture reviews, threat modelling, security assessments, and risk assessments for technology, business, AI, and transformation initiatives, and recommend practical, risk-based mitigation strategies aligned with Bank security requirements. • Support technology governance, security-by-design practices, compliance activities, audit engagements, and adherence to Bank standards, regulatory requirements, and risk management expectations across enterprise initiatives. • Advise on threat management, vulnerability management, technology risk management, third-party risk, cyber risk, and emerging risk practices, including considerations for artificial intelligence and advanced technologies. • Translate technical, security, and cyber risks into business impacts and actionable recommendations for stakeholders, governance forums, senior leadership, and decision-makers. • Produce and maintain documentation, architectural artifacts, assessments, reports, presentations, and other deliverables required to support project execution, governance processes, audits, compliance activities, and leadership decision-making. • Support implementation planning, prioritization, and adoption of security controls, architectural patterns, governance processes, and risk mitigation measures. • Provide subject matter expertise, stakeholder engagement, workshops, awareness sessions, and knowledge transfer related to cyber architecture, technology risk, security governance, AI security, and emerging technologies. • Monitor and assess evolving cyber security, technology, regulatory, and AI trends and provide recommendations to strengthen the Bank's security posture, technology strategy, and risk management practices. Required Qualifications & Skills: • University Degree or College Diploma in Computer Science, Information Security, Engineering, Artificial Intelligence, or a related discipline. • A minimum of five (5) years of experience in information technology, cyber security, technology risk, enterprise architecture, or related fields. • A minimum of three (3) years of experience performing cybersecurity architecture, technology risk advisory, enterprise architecture, or similar senior cybersecurity functions within complex or regulated environments. • Demonstrated experience assessing current-state security and technology environments and developing target-state architectures, security strategies, roadmaps, and transformation recommendations. • Demonstrated experience designing, evaluating, implementing, or governing security controls across applications, infrastructure, cloud platforms, data environments, digital services, and AI-enabled technologies. • Demonstrated experience conducting security architecture reviews, threat modelling, security assessments, technology risk assessments, and control gap analyses, and providing practical risk-based recommendations. • Demonstrated experience developing and maintaining security standards, architectural principles, governance frameworks, policies, reference architectures, design patterns, and other reusable security and architecture artifacts. • Demonstrated knowledge of cyber security, technology risk, privacy, compliance, artificial intelligence, automation, and emerging technology risks, including associated governance and control considerations. • Demonstrated ability to communicate complex technical, architectural, and cyber security concepts to both technical and non-technical audiences and translate risks into business-focused recommendations. • Demonstrated experience engaging stakeholders, facilitating workshops and discussions, producing high-quality documentation, and presenting recommendations to governance committees, senior leadership, and cross-functional teams. Additional Qualifications The following will also be considered: • Demonstrated strong knowledge of cyber security, technology risk, and governance frameworks such as NIST Cybersecurity Framework (CSF), NIST Special Publications, NIST AI Risk Management Framework (AI RMF), ISO/IEC 27001/27002, COBIT, and related industry standards • Demonstrated experience applying security-by-design, privacy-by-design, and risk-based control frameworks across technology, cloud, data, AI, and digital transformation initiatives • Demonstrated knowledge of third-party, technology, cyber, and operational risk management practices, including vendor and supply-chain risk considerations • Demonstrated knowledge of cloud, hybrid, SaaS, AI, and emerging technology security principles, including identity and access management, data protection, resiliency, monitoring, and governance considerations • Demonstrated understanding artificial intelligence and emerging technology risks, including model governance, data security, privacy, explainability, responsible AI, and technology risk management principles • Relevant certifications considered an asset (e.g., CISSP, CISM, CCSP, SABSA, TOGAF, CRISC, CGRC, Certified in AI Governance (AIGP), Certified AI Security Practitioner (CAISP), or equivalent)
Similar Jobs
About the role
Our client, the Bank of Canada has a 2 year remote contract opportunity for a Security Architect
Under the direction of the Assistant Director, Cyber Architecture; • Provide cyber security, and emerging technology advisory services to support the Bank's strategic objectives and transformation initiatives. • Assess current and target-state technology architectures to support secure, compliant, resilient, and risk-based business transformation. • Identify, assess, and communicate cybersecurity related concerns. • Develop, maintain, and enhance IT security standards, policies, architectural principles, governance requirements, control frameworks, reference architectures, architecture building blocks, secure design patterns, and AI security guidance aligned with Bank standards, regulatory expectations, and industry best practices. • Conduct security architecture reviews, threat modelling, security assessments, and risk assessments for technology, business, AI, and transformation initiatives, and recommend practical, risk-based mitigation strategies aligned with Bank security requirements. • Support technology governance, security-by-design practices, compliance activities, audit engagements, and adherence to Bank standards, regulatory requirements, and risk management expectations across enterprise initiatives. • Advise on threat management, vulnerability management, technology risk management, third-party risk, cyber risk, and emerging risk practices, including considerations for artificial intelligence and advanced technologies. • Translate technical, security, and cyber risks into business impacts and actionable recommendations for stakeholders, governance forums, senior leadership, and decision-makers. • Produce and maintain documentation, architectural artifacts, assessments, reports, presentations, and other deliverables required to support project execution, governance processes, audits, compliance activities, and leadership decision-making. • Support implementation planning, prioritization, and adoption of security controls, architectural patterns, governance processes, and risk mitigation measures. • Provide subject matter expertise, stakeholder engagement, workshops, awareness sessions, and knowledge transfer related to cyber architecture, technology risk, security governance, AI security, and emerging technologies. • Monitor and assess evolving cyber security, technology, regulatory, and AI trends and provide recommendations to strengthen the Bank's security posture, technology strategy, and risk management practices. Required Qualifications & Skills: • University Degree or College Diploma in Computer Science, Information Security, Engineering, Artificial Intelligence, or a related discipline. • A minimum of five (5) years of experience in information technology, cyber security, technology risk, enterprise architecture, or related fields. • A minimum of three (3) years of experience performing cybersecurity architecture, technology risk advisory, enterprise architecture, or similar senior cybersecurity functions within complex or regulated environments. • Demonstrated experience assessing current-state security and technology environments and developing target-state architectures, security strategies, roadmaps, and transformation recommendations. • Demonstrated experience designing, evaluating, implementing, or governing security controls across applications, infrastructure, cloud platforms, data environments, digital services, and AI-enabled technologies. • Demonstrated experience conducting security architecture reviews, threat modelling, security assessments, technology risk assessments, and control gap analyses, and providing practical risk-based recommendations. • Demonstrated experience developing and maintaining security standards, architectural principles, governance frameworks, policies, reference architectures, design patterns, and other reusable security and architecture artifacts. • Demonstrated knowledge of cyber security, technology risk, privacy, compliance, artificial intelligence, automation, and emerging technology risks, including associated governance and control considerations. • Demonstrated ability to communicate complex technical, architectural, and cyber security concepts to both technical and non-technical audiences and translate risks into business-focused recommendations. • Demonstrated experience engaging stakeholders, facilitating workshops and discussions, producing high-quality documentation, and presenting recommendations to governance committees, senior leadership, and cross-functional teams. Additional Qualifications The following will also be considered: • Demonstrated strong knowledge of cyber security, technology risk, and governance frameworks such as NIST Cybersecurity Framework (CSF), NIST Special Publications, NIST AI Risk Management Framework (AI RMF), ISO/IEC 27001/27002, COBIT, and related industry standards • Demonstrated experience applying security-by-design, privacy-by-design, and risk-based control frameworks across technology, cloud, data, AI, and digital transformation initiatives • Demonstrated knowledge of third-party, technology, cyber, and operational risk management practices, including vendor and supply-chain risk considerations • Demonstrated knowledge of cloud, hybrid, SaaS, AI, and emerging technology security principles, including identity and access management, data protection, resiliency, monitoring, and governance considerations • Demonstrated understanding artificial intelligence and emerging technology risks, including model governance, data security, privacy, explainability, responsible AI, and technology risk management principles • Relevant certifications considered an asset (e.g., CISSP, CISM, CCSP, SABSA, TOGAF, CRISC, CGRC, Certified in AI Governance (AIGP), Certified AI Security Practitioner (CAISP), or equivalent)