Cloud Cyber Security Solutions Architect

Duration: 20 Months Contract
 
Job Description:

• Provide cyber security, cloud security, and technology risk advisory services to support Bank objectives.
• Assess current-state and target-state cloud architecture to support secure, compliant, and risk-based cloud migration initiatives.
• Identify security risks and control gaps associated with cloud adoption and emerging technologies.
• Develop and maintain IT security standards, policies, and control requirements aligned with Bank standards and industry frameworks.
• Develop reusable architectural artifacts including reference architectures, architecture building blocks, and secure design patterns.
• Support secure cloud configuration, governance, and compliance with Bank standards and regulatory expectations.
• Conduct threat modelling for cloud architecture and migration initiatives to identify potential threats, attack vectors, and control weaknesses, and recommend risk-based mitigations aligned to Bank security standards.
• Advise on threat, vulnerability, and technology risk management practices
• Translate technical risks into business impacts and provide risk treatment recommendations
• Produce documentation, artifacts, and reporting required for stakeholders, governance forums, and leadership.
• Support implementation planning, prioritization, and adoption of recommended controls and architectures.
• Provide subject-matter expertise, workshops, and knowledge transfer to Bank teams.
• Other activities and deliverable, as required

• University Degree or College Diploma in computer science, information security, engineering, or a related field. 
• A minimum of five (5) years of recent demonstrated experience in information technology or cyber security, including cloud environments.
• A minimum of three (3) years of recent demonstrated experience as a Cloud Security Architect or senior cloud security specialist in complex, regulated environments. 
• Demonstrated experience assessing current-state cloud security posture and defining target-state cloud security architectures. 
• Demonstrated experience designing and governing cloud security controls (e.g., IAM, network security, data protection, logging and monitoring).
• Demonstrated experience identifying security, risk, and compliance control gaps and recommending risk-based improvements.
• Demonstrated experience developing cloud security standards and reusable security architecture artifacts (reference architectures, patterns, building blocks).

• Demonstrated strong knowledge of cyber security and risk frameworks such as NIST CSF, NIST SP 800-53/61/92, and ISO/IEC 27001/27002. 
• Demonstrated experience applying cloud security and shared responsibility models (e.g., CSA Cloud Controls Matrix, CIS Benchmarks). 
• Demonstrated knowledge with enterprise and security architecture frameworks (e.g., TOGAF, SABSA). 
• Demonstrated experience aligning cloud security architectures with regulatory and supervisory expectations (e.g., financial services risk management).
• Demonstrated knowledge of third-party and cloud risk management practices 
• Demonstrated knowledge of cloud provider security across Azure and hybrid cloud environments.
• Relevant certifications would be considered an asset (e.g., CCSP, CISSP, CISM, AWS/Azure security certifications).