Job Description

You belong at Day & Ross.

Information Security Architect



Full-Time



Canada (On-site)





Reporting to the Director, IT Cybersecurity, the Information Security Architect is responsible for the development and oversight of security architecture, relevant security design requirements involved in new initiatives, modification and ongoing support of existing objectives and initiatives. The Information Security Architect must work with IT business partners as well as IT professionals in evaluating Information Security risks and implementing security controls across the organization.

How You'll Help:

Develop and implement Day and Ross's security architecture in alignment with Enterprise Architecture and Information Security teams following an industry standard framework and methodology. Reporting on progress of development and implementation of the security architecture through management reports, dashboard and scorecards, or another method agreed upon. Update and align the information security architecture when applicable; assist with remediation to impacted stakeholders should it be necessary and communicate any impacts such changes may cause. Assist with building and implementing an Enterprise Security Architecture program. Drive improvements on current architecture practices methodologies and assisting with implementing new methodologies as required. Build and main an architecture that meets Day and Ross's organizational risk profile from risk assessments, management direction and awareness of critical business assets. Provide input and guidance to Day and Ross's Information Security awareness training framework and communication plan, Security operations and governance as needed. Assist with strategic, tactical and compliance review planning of the Day & Ross information security program, including metric and reporting development. Lead the development and execution of IoT security strategies, including risk management practices, device authentication protocols, and secure integration for large-scale IoT deployments. Conduct comprehensive security assessments for IoT devices and platforms, ensuring alignment with enterprise architecture and regulatory requirements. Collaborate with IT, business, and vendor teams to support telematics, fleet management, asset tracking, and real-time data initiatives.

Your Skills & Experience:

Minimum of ten (7) years of experience in information technology with at least seven (5) years of experience in a security architecture role, which includes the following disciplines: + (1) Performing risk assessments/analysis/audits of IT internal controls or IT processes
+ (2) Enterprise Security Architecture
Relevant industry certifications from organizations such as ISC2, ISACA, SABSA or SANS will be considered strong assets. Preference will be given to holders of ISSAP and SABSA SCM. Knowledge and experience in using SABSA, ISO 27000, NIST, and other applicable security frameworks and enterprise architect frameworks such as Zachman and TOGAF. Knowledge of network-based services, client/server applications, mobile applications, enterprise systems and infrastructure, network architecture, and security infrastructure. Understanding of security controls such as firewalls, proxies, SIEM, antivirus, encryption, identity and Access Management, Vulnerability Scanning and/or Intrusion Prevention Systems. Familiarity with GDPR and other privacy legislation considered an asset Experience designing and implementing security controls for IoT environments, including telematics, sensor networks, and asset tracking systems. Familiarity with IoT-specific standards and frameworks (e.g., NIST IoT Cybersecurity Framework, IEC 62443). IoT device security, authentication, and lifecycle management. Secure integration of IoT platforms with enterprise systems. Knowledge or familiarity with transportation automation systems considered a strong asset. Ability to interact with a broad cross-section of stakeholders to explain and enforce security measures, in both business and technical terms. Excellent written and verbal communication skills in English. Proven ability as a self-starter, working independently, and showing initiative. Ability to lead teams and manage employees. Experience in the transportation and/or logistics industry is a strong asset.




Measures of Success

Security Knowledge

: An understanding of various security control requirements, functional and conceptual designs, technical and administrative controls, and implementation approaches.

Risk Management:

ability to identify and address information security risks not covered by the security architecture, assign the correct management recommendations including mitigating controls.

Stakeholder Management:

Ability to work and communicate with a broad range of both technical and non-technical internal stakeholders.




Additional Information


Key internal relationships: Information Technology staff and management. Some business stakeholders. Occasional travel within Canada (Toronto, Ontario and/or Florenceville, New Brunswick, etc.) and USA may be required. Job primarily performed in a standard office environment, however, work from home is available with manager approval.




To apply, visit our Careers page at

dayross.com

.



If you're chosen for the role, you'll be asked to provide reference and criminal background checks before employment. You'll only be contacted if you're selected for an interview.

About Day & Ross

From a single truckload of potatoes in the 1950s to a fleet of thousands, Day & Ross has grown to become one of the largest transportation and logistics providers in North America. With over 7,500 team members on and off the road in the US and Canada, we offer a diversified portfolio of freight and delivery solutions, including LTL, Truckload, Residential, Dedicated Fleet Solutions, and Logistics.



We believe our people are our greatest strength. For over a decade, we've been recognized as one of Canada's Best Managed Companies. We've also been named a Top Company for Women to Work for in Transportation since 2018. Our recognition reflects the family values we share with our parent company, McCain Foods Limited.


As a federally regulated employer, Day & Ross fully supports the principles of employment equity and encourages all qualified members of the designated groups to apply. Day & Ross is committed to ensuring equal access and participation for people with disabilities and meeting their needs in a timely manner. We will do so by removing and preventing barriers to accessibility and by meeting our accessibility requirements under Accessible Canada Regulations and in alignment with our business practices, capabilities, and values.





#LI-MR1 #LI-Onsite