Job Description

This is a flexible position and has the option of working in our Toronto office full time, hybrid throughout the week or working entirely remotely. #LI-Remote About the role: Vena Solutions is seeking a Security Architect to help frame, define and enable a continuous security strategy and architecture for our SaaS cloud technologies and their associated development life cycle. This role is a match for you if you are looking to apply your strengths in application & technology security while building a culture of enablement for a security-centric team. At Vena we continuously evolve through innovation with a keen eye on a customer experience that is second to none. Ensuring that we maintain a strong security posture as we enhance our products, tools and infrastructure, will retain that trust we earn with our clients. Our environment and culture both foster and encourage individuals who are self-directed and self-motivated, empowering employees to take ownership of our collective success. Here at Vena, we value transparency, inclusion, continuous learning and passionate people who want to make their mark on our rapidly growing product and business. You will have the opportunity to collaborate with a broad range of stakeholders, including DevOps, Infrastructure, Engineering, CISO and Product, as you provide thought leadership and hands on support to continuously minimize our risk footprint. To be successful, this role requires you to thrive in a workplace that is fun, engaging, technically challenging and filled with opportunities to be individually impactful. What you will do:

• Security Architecture Strategy/Roadmap: Define an evolutionary Security Architecture Strategy/Roadmap for Vena's technology landscape across the dimensions of information, infrastructure, continuous delivery, applications, and associated domains such as IAM, monitoring, secure coding, etc.
• Architecture Risk Assessments: Define an architecture risk assessment model and perform ongoing evaluations for feature additions and enhancements
• Solution Architecture: As a Security domain expert, support delivery teams/functions in their designs ensuring alignment against our architecture, associated security standards, compliance requirements and best practices
• Communications: Maintain Architecture artifacts and create & deliver engaging training material to mentor and support a culture of security aware resources
• Governance: Actively participate as a member of the architecture governance board in both process definition and execution, including development of internal standards, policies, principles, best practices, etc.
• Security Response: Responsible for the active support of security problem resolution and identifying trends of recurring/related issues
• Lifecycle: Working with our DevOps teams, enable a DevSecOps practice with a focus on having security shift-left in our delivery
• R&D: Stay in-tune with current industry trends and risks and evaluate opportunities to reduce risk, enable teams and maintain client trust
• Intake & Coordination: Work closely with the CISO organization in all activities ensuring coordination and collaboration, and ensuring outcomes are part of development intake as required

Does this sound like you?:

• 8+ years of practical experience in IT, including Architecture
• 2-3+ years of Information Security experience
• CISSP-ISSAP certification
• Strong understanding of cloud computing architecture, design and implementations and their associated security domains/concerns (AWS biased)
• Deep understanding of DevSecOps and continuous integration lifecycles
• IAM familiarity/experience including technology stack (e.g. cloud AAA services) and protocols (e.g. SAML, OpenID, OAuth)
• Proven collaboration, communication and influencing skills across diverse stakeholders
• Experience performing threat and risk assessments through the full stack of cloud infrastructure (IaaS, PaaS, SaaS) and applications
• Experience with common information/security management frameworks, such as: International Standards Organization (ISO) 2700x, SOC and National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF)
• Experience managing relationships with 3rd party service providers and vendors
• Good understanding of zero-trust and tactics to adopt

Not checking every box?
Sounds like the job for you, but you don't think you have what it takes on paper? Reach out to us anyway! We're aware that members of marginalized groups typically apply only when they check every box. Vena is an inclusive workplace that considers all applicants. We value diversity—in professional backgrounds and in experiences—and are committed to providing equal opportunity and a sense of belonging for all employees and applicants. Let's discover together whether you could be a great fit at Vena. Why choose Vena?

• • Total Rewards: Grow with Vena and celebrate its success with our Employee Stock Option Program (ESOP). We look ahead and invest in your future with our Retirement Savings Matching Program. We also provide comprehensive health benefits through our employer group plan effective from day one.
  • Unique Culture: Join us in our ongoing commitment to build a diverse and inclusive workplace. Every voice, action and idea matters at Vena.
  • Career Growth: We invest in your job training, professional development and continuing education and offer an Education Subsidy. Pursue your interests and chart your growth towards a new position on your current team or a new one. Vena had 180+ employee promotions and internal moves to new roles in 2021!
  • Executive Leadership: Be inspired by our executive leadership as they lead and motivate our team.
  • Read what employees say about working at Vena!
    • Glassdoor
    • Comparably
    • Indeed

Please note: Due to COVID-19 Guidelines, all interviews will be conducted using Zoom. As we continue to monitor the situation and follow public health guidelines, our commitment to ensuring the safety and health of our employees, customers, candidates and community around the world remains a top priority. We will continue to offer flexible working arrangements that include working remotely or on site with proper safety and health measures in place.
Vena celebrates the differences that make us all unique and strives to make our workplace accessible however we can.

Should you require accommodation throughout any stage of the recruitment and selection process, please specify your requirements to careers@venasolutions.com when submitting your application and we will work with you to accommodate your needs.

We incorporate accessible practices into all of our internal roles and invite others to join us in our ongoing efforts. Find out more at www.venasolutions.com/va11y

Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Vena Solutions are considered property of Vena Solutions and are not subject to payment of agency fees. To be an authorized Recruitment Agency/Search Firm for Vena Solutions, any such agency must have an existing formal written agreement signed by Vena Solutions and an active working relationship with the company. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search.