Job Description

Our client, Bell Canada, is looking for a Senior Security Architect for a long-term contract. If you possess both cutting-edge offensive and defensive skills, then we want to talk to you. The ideal candidate would have 8+ years working experience in a sSDLC (Secure Software Development Lifecycle) environment.Key Responsibilities and Job Duties: Analyze vulnerabilities found through security scans and propose remediation strategies. Continuously improve our offensive and defensive capabilities. Create, organize, document, and run red teaming exercises. Drive lessons learned and follow up on activities after red teaming exercises. Support our teams in evaluating new security solutions. Document and present relevant findings to management and peers. Document all security incidents and assess their actual or potential damage. Participate in brainstorming sessions with the team to create application threat models and provide guidance on effective countermeasures. Collaborate with application developers to identify security-sensitive functionality in apps and services lacking security coverage and bring security awareness and techniques for mitigation into the affected areas. Help maintain and scale intrusion detection and incident response pipelines and tools. Impact security standards at all levels of the program.Key Competencies and Experience: Certified in one of the following CompTIA Security+, CompTIA PenTest+, CISSP, CEH, CISM, CISA, CTIA, CCSP, CRISC, is considered a strong asset. Excellent knowledge of IT security standards, risks, threats, prevention measures, and best practices. Advanced experience in application development and sSDLC practices. Experience with Application Security and Vulnerability Management programs that leverage SAST, DAST, network vulnerability scanners, etc. Blended "purple team" experience: coverage of both "red team" / penetration test processes & tools as well as "blue team" defensive techniques and countermeasures. Extensive experience with red teaming operations and/or penetration testing. Security testing tools including OWASP Zed Attack Proxy, Burp Suite, Postman. Experience with web and API attack and mitigation methods, security assessments and penetration testing. Knowledge of open security standards such as OWASP Top 10, CWE, OWASP ASVS, SANS Top 25, NIST. Solid understanding of common web application technologies, languages, and frameworks. In-depth knowledge of common software vulnerabilities. Programming experience in .NET, C#, and Java. Experience with Web Services such as JSON, XML and REST Technologies. Honest and professional, strong team influencer, able to proactively support team culture that fosters knowledge sharing, excellence, and collaboration. Able to work under pressure, facilitate discussion, decision-making, and conflict resolution. Excellent communicator, Fluent in English, able to engage and effectively respond to third party vendors and business units.Moerae Solutions Incorporated values diversity and is an equal opportunity employer. We are committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. MSi welcomes and encourages people with disabilities and is committed to ensuring equal access and participation for people with disabilities. We are committed to treating people with disabilities in a way that maintains dignity and independence. Accommodations are available upon request for candidates taking part in all aspects of the recruitment/selection process as a result of disability.Job Types: Full-time, Fixed term contractSchedule:

• 8 hour shift