Senior Technology Architect

Job Description:

Responsibilities:

• Partner with business, product, and engineering stakeholders to define security requirements and translate them into architecture designs.
• Conduct threat modeling, risk assessments, and security analyses at inception, design, and implementation phases.
• Develop and maintain reusable secure-by-design patterns for cloud (IaaS/PaaS), SaaS, and hybrid deployments.
• Architect identity and access solutions: SSO, MFA, PKI, least-privilege controls, and federated identity.
• XXgn network and infrastructure controls: network segmentation, firewalls, security groups, SASE, micro-segmentation.
• Specify data-protection mechanisms: encryption key management, transparent data encryption, tokenization, and database activity monitoring.
• Integrate security telemetry logs, events, and alerts into SIEM (Client Cloud, Azure Sentinel) and SOAR workflows.
• Embed security requirements into DevSecOps pipelines using IaC tools and CI/CD integrations.
• Facilitate architecture review boards, governance gates, and security design workshops.
• Candidatetor and guide junior architects and engineers on secure architecture principles and patterns.

• Demonstrated leadership in technical security architecture and solution delivery.
• Deep expertise with at least two major public cloud platforms (AWS, Azure, Google Cloud Platform) and SaaS ecosystems.
• Strong knowledge of application architecture, networking, and security operations.
• Proficiency in structured design methodologies and ITIL processes.
• Excellent verbal and written communication; skilled at presenting to technical and executive audiences.
• Collaborative team player with strong interpersonal, negotiation, and stakeholder-management skills.
• Solid analytical, problem-solving, and decision-making abilities.
• Awareness of emerging security technologies, trends, and compliance requirements.

• Identity & Access Candidateagement: SSO, MFA, PKI, OAuth/OIDC, SAML, RBAC/ABAC.
• Infrastructure Security: IaaS/PaaS hardening, VPC/VNet/VCN and subnet segmentation, firewalls, Network Security Groups, SASE.
• Data Protection: KMS/Vault, Transparent Data Encryption, tokenization, Data Loss Prevention, Database Activity Monitoring.
• Application Security: Secure SDLC, threat modeling (STRIDE, DREAD), container and serverless security, API gateway, WAF.
• Security Operations Tools: SIEM (Client Cloud, Azure Sentinel) ingestion, correlation searches, dashboards; SOAR automation; EDR (Defender, Cortex XDR).

• Hands-on experience with Agile/Scrum: backlog management, user-story creation, sprint planning, stand-ups, retrospectives.
• Embed security requirements and automated tests into CI/CD pipelines.
• Facilitate cross-functional workshops to align SecOps, DevOps, and product teams.

• Apply frameworks (TOGAF, NIST CSF, CIS Controls) to digital solution blueprints.
• Lead requirements gathering, conceptual, logical, and detailed design phases.
• Develop solution design artifacts: architecture diagrams, data-flow models, sequence diagrams, policy matrices.
• Provide implementation guidance: infrastructure-as-code templates, configuration guidance, logging-agent deployments.
• Chair architecture review boards, capture decisions, and enforce governance processes.

• Prior public-sector or regulated-industry experience is an asset.
• Familiar with mandates and standards (FIPPA, PHIPA, PCI DSS, AODA, ISO 27001).
• Embed audit trails, data-retention policies, and compliance controls into design deliverables.