Job Description

The Role: Senior Security Architect As member of the Information Security architecture and engineering group, you have in-depth knowledge of information security controls design, implementation and execution to promote the delivery goals of the Vancity Information Security road-map and associated IT and business projects. As member of the Information Security architecture and engineering group, you have in-depth knowledge of information security controls design, implementation and execution to promote the delivery goals of the Vancity Information Security road-map and associated IT and business projects. A typical day would involve:

• Providing guidance and support for the business with a risk management approach while working tightly with all enterprise security and digital solutions team members in supporting an integrated security service portfolio.
• Lead and guide junior security team members on support and project tasking.
• Partner with the Vancity lines of business on multiple initiatives to apply good security practices, ensuring security is integrated into solution designs, and recommend architecture remediation.
• Work with program, project and operational teams and leadership to assess the security risks of existing and solutions including their associated processes.
• Define security requirements and use cases by evaluating business strategies and projects; researching information security standards; studying architecture/platform; identifying integration issues.
• Provide in-depth expertise across security functional areas, which include credential management, access provisioning, authentication and authorization, application security, infrastructure security, data security, security monitoring aligned with Privacy, PCI and OSFI compliance and regulatory standards.
• Communicate simple and effective security guidance to development and operational teams, leadership, and executives that is built on principles of balancing security with business and technology needs.
• Participate in the evaluation, design and implementation of security-related technologies, such as authentication/authorization mechanisms, network access control, encryption, malware protection, firewalls, etc. in both operational and project environments.
• Develop and build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations on responding to and remediating related incidents.
• Establishing, maintaining and optimizing security architecture diagrams, policies, standards and procedures to support monitoring, detection, reporting and resolution of information security vulnerabilities and risk vectors.
• Work with program, project and operational teams and leadership to assess the security risks of existing and solutions including their associated processes.

As an individual contributor you are accountable for:

• Your person outputs and working behaviors.
• Collaboratively managing and sharing the workload of the team (including working on call when scheduled).
• Continuous process improvement.
• Contributing to a safe and respectful environment.

You are:

• A Strong Communicator - you use your strong communication and interpersonal skills to create clear understanding of expectations; address challenges and issues for the business unit; and represent the unit across the organization.
• Organized & Systematic - your planning and coordination skills develop solid operating plans, processes, methods and standards for a unit and help coordinate delivery of critical information in a timely manner.
• Analytical & Decisive - with your strong problem solving and decision making skills, you can diagnose challenges and issues; develop innovative investigative solutions; and to assess risks and opportunities that may affect the information security team.
• Self Motivated – you are a self motivated and inquisitive individual that takes initiative to follow through and deliver results without continuous supervision.

You have:

• Solid business acumen in the context of the financial industry.
• A good understanding of relevant Vancity policies and procedures.
• Familiarity with Vancity strategies, functions and programs.
• An undergraduate degree (usually in Computer Science, Engineering, or highly related field)
• 4-8 Years of Relevant Experience in IT, Risk, Information Security or a combination of these

Certifications & Training:

• Information Security Certifications in one or more of the following are required: CISSP, CISA, CISM, GISP, GSNA, GSE, CSP, SSCP, Security+
• Information Technology Certifications in one or more of the following will be an asset: MCITP, MCSE, CCNA, VCP, RHCE, MCAF
• Experience with or knowledge of PCI DSS, ISO 27001, NIST CSF and NIST 800-53 control frameworks is highly desired.

The team: The Senior Security Architect reports directly into the Manager, Information Security Architecture and Engineering.
Posting Deadline: Please apply by 04:00 PM PST, Friday September 2, 2022
About Vancity:

• Our vision is a transformed economy that protects the earth and guarantees equity for all. As a values-based financial co-operative, we are committed to transforming how banking is done by helping our members and local communities thrive financially, socially and environmentally with impact to make our world a better place.
• We are the largest private-sector Living Wage Employer in Canada and have been consistently recognized as one of the Top Employers in Canada.
• Come join our team of 2,600 diverse individuals and access competitive rewards & benefits.
  Start your Vancity career journey with us even if you’re new to financial services! We encourage opportunities to learn & develop to prepare you for career success, which in turn continuously impresses how we serve our membership.
• We value Integrity, Innovation, Responsibility and Reconciliation.
• To learn more about Vancity, please visit www.vancity.com/AboutVancity.