Security Architect – Intermediate

Position: Security Architect – Intermediate
Location: Hybrid, Toronto, Ontario, Canada
Job Type: Contract

Job Description
Key Responsibilities
Define, evaluate, and assess security architecture requirements for IT projects and system environments.
Conduct Threat Risk Assessments (TRA) for SaaS, PaaS, IaaS, and on-premises applications.
Perform risk assessments related to AI technologies and assess potential organizational impact.
Communicate security risks and propose mitigation strategies clearly to stakeholders.
Develop technical architecture, frameworks, and strategies to align with business/application requirements.
Guide risk identification, vulnerability resolution, and compliance with security standards (e.g., NIST, ISO, etc.).
Evaluate and recommend alternative security technology solutions.

General Skills & Qualifications
6–8 years’ experience as a Security Architect or in a similar role.
Strong understanding of security architecture and technologies (e.g., encryption, access controls, firewalls).
Experience conducting Threat Risk Assessments and implementing risk management frameworks (e.g., NIST, ISF, IRAM).
Solid knowledge of security auditing procedures, compliance (ISF SOGP, NIST, SSAE16/18, SOC, PCI DSS 3.2+), and data privacy.
Experience with enterprise architecture deliverables and modeling.
Skilled in zero-trust architecture design and implementation.
Familiar with security frameworks/tools relevant to AI systems.

Desirable Skills
Experience with Ontario Government Enterprise Architecture processes.
Knowledge of OT security models (e.g., NIST 800-82, Purdue Model).
Familiarity with ICS, SCADA, or OT Systems (certification or training preferred).
Background check required.

How to Apply
Please send your resume to: jim.nickolson@noramtec.com
We thank all applicants for their interest; however, only those selected for an interview will be contacted.