Job Description

Must-haves:

Security arch and design with Cloud Platforms -(AWS, Azure) Client Relationship Building skills.

Key Responsibilities

Lead end-to-end security design and architecture reviews for common cloud platforms (AWS, Azure, GCP) and major SaaS applications Develop and maintain secure-by-design reference architectures, patterns, and guidelines tailored to IaaS, PaaS, and SaaS deployments Perform threat modeling, risk assessments, and gap analyses to align solutions with internal security standards and regulatory requirements Define identity and access control strategies, including SSO, MFA, PKI, and least-privilege models Design various network and infrastructure security controls: e.g. network segmentation, security groups, firewalls, SASE, IPS/IDS Architect data protection solutions: encryption key management, Transparent Data Encryption, tokenization, DLP for cloud and SaaS data Integrate application and infrastructure logs into SIEM platforms (Splunk Cloud, Azure Sentinel) and design SOAR playbooks for automated response Collaborate with DevOps and engineering teams to embed security requirements in CI/CD pipelines, leveraging IaC tools Facilitate design workshops, governance gates, and architecture review boards; document decisions and action items Mentor junior architects and security engineers, sharing best practices and driving continuous improvement

General Skills

Proven leadership in technical security architecture for enterprise environments Deep expertise across cloud service providers (AWS, Azure, GCP) and SaaS ecosystems Strong grounding in application architecture, networking, and security operations Proficiency in structured design methodologies and ITIL service-management practices Ability to translate complex business requirements into actionable security solutions Experience creating conceptual, logical, and physical process/data models Track record of developing, recommending, and governing security architecture Awareness of emerging technologies, industry trends, and security best practices Excellent analytical, problem-solving, decision-making, and interpersonal skills Clear verbal and written communication; skilled at presenting to technical and executive audiences Collaborative team player with a consistent record of meeting deadlines

Core Security Technology Domains (45%)

Identity & Access Management:

SSO, MFA, PKI, identity federation (OAuth/OIDC, SAML)

Infrastructure & Network Security:

VCN/VNet/subnet design, firewalls, security groups, micro-segmentation, SASE patterns

Data Protection:

KMS/Vault key management, TDE, tokenization, DLP, data classification and discovery

Application Security:

Secure SDLC, container and serverless hardening, API gateway policies, WAF integration

Security Operations & Visibility:

SIEM ingestion pipelines, correlation searches, dashboards, SOAR automation, EDR tools

Agile Project Delivery (15%)

Hands-on experience in Agile/Scrum environments: backlog management, user-story creation, sprint planning, retrospectives Embed security requirements and automated testing into CI/CD pipelines Facilitate cross-functional workshops (threat modeling, design sprints) to align SecOps, DevOps, and architecture teams

Architecture & Design Expertise (35%)

Apply frameworks (TOGAF, NIST CSF, CIS Controls) to cloud and SaaS solutions Lead requirements gathering, conceptual, logical, and detailed design phases Provide engineering implementation support: IaC (Terraform, CloudFormation), configuration templates, logging-agent deployments Guide peers through design reviews, governance gates, and operational handovers

Public Sector & Regulatory Awareness (5%)

Previous public-sector or regulated-industry experience is a plus Familiarity with mandates and standards (FIPPA, PHIPA, PCI DSS, AODA, ISO 27001) Embed audit trails, retention policies, and compliance checks into design artifacts
Job Type: Fixed term contract
Contract length: 6 months

Pay: $125.00-$130.00 per hour

Application question(s):

Do you have experience in Ministry of Public? Security arch and design with Cloud Platforms ?
Work Location: Hybrid remote in Toronto, ON M5B 2L1