Cloud Security Architect

Cloud Security Architect

Job location: Ottawa-Hybrid; all other Canadian locations-Remote

About The Role

The Cloud Security Architect is a subject matter expert responsible for the design and development of all Kinaxis’ Cloud security architecture while ensuring technology is implemented within frameworks that improve security postures of cloud environments. The Cloud Security Architect will develop the cloud security roadmap, and will be responsible for the strategic planning, architecture, and securing of enterprise information systems by identifying network, data, application and platform security requirements, implementing and testing security controls and procedures in a hybrid cloud environment.

The Cloud Security Architect's goal is to tease out security flaws across multiple cloud service providers when information systems interconnect, and complexity forms.

What you will do

• Design secure patterns for workloads deployed on Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service environments as well as hybrid architecture patterns which may tightly integrate to other public clouds or on-premises systems;
• Be a technical security expert to help guide the design of our secure hybrid cloud computing environments required to support our planning and digital supply chain solutions;
• Partner with stakeholders across the organization to plan and manage the cloud security strategy and architecture, establishing governance and facilitating adoption and execution;
• Understand key disciplines within different organizational roles and how they relate to the organization’s cloud security architecture;
• Lead and participate in the selection of cloud security tools and controls, including existing enterprise tools that can extend into the cloud, cloud-native security controls and third-party offerings;
• Provide security guidance to Kinaxis’ Global Information Security Team through technological changes and assist in designing solutions that align with the Kinaxis corporate strategies;
• Assess security architectures, analyze issues and develop recommendations for their resolution;
• Provide subject matter expertise on public cloud security practices;
• Build and maintain security diagrams, design, and process documents;
• Identify and implement improvements to the cloud security policies, procedures and affiliated technologies, in order to manage and mitigate key security risks;
• Collaborate across the organization to ensure security risks are promptly identified, critically assessed and mitigated in adherence to defined objectives;
• Understand potential and emerging information security threats and vulnerabilities and communicate this information to appropriate team members throughout the organization on a timely basis;
• Design solutions that support and enable Business Continuity and Disaster Recovery Plan objectives;
• Work closely with all domain architects to ensure cloud security requirements are adopted to all cloud solutions and initiatives;
• Accountable for ensuring the design of all Cloud Systems solutions meets the appropriate security and compliance requirements.

What we are looking for

• BS or BA in Information Security, Computer Science, Information Systems, or demonstrated equivalent experience;
• Minimum 10 years of experience in IT Security, including 5 with a SaaS/Hosting organization;
• Minimum 5 years of experience with Google Cloud and Microsoft Azure public cloud platforms and their related technologies including but not limited to deployment, automation, networking and security;
• CISSP, CCSP, Comptia Cloud+/Security +, CISM, or GIAC certifications preferred;
• Exceptional communicator with the ability to provide, clear, concise messaging (written and verbal) to multiple audiences and across multiple platforms, and the ability to lead facilitation and present complex information that will engage a diverse audience in an inspiring and impactful way;
• Advanced analytical, problem solving, and critical thinking skills, and the ability to coordinate input from multiple sources to develop impactful recommendations to the business;
• Demonstrates agility and resiliency in managing workloads in an environment of ongoing urgency and ambiguity.

     Skills and Qualifications

• Familiarity with IT Governance, data governance, architecture, and security frameworks such as ISO27001, NIST Cybersecurity Framework, COBIT, SABSA, TOGAF, MITRE, OWASP, CIS;
• Experience performing threat modeling and design reviews to evaluate the introduction of new technologies’ security implications and requirements;
• Great understanding of SSE, CASB, CSPM, CNAPP and CWPP tools; knowledge of cloud security frameworks, standards and best practices; and working with cloud IAM and IaaS, PaaS and SaaS native security capabilities;
• Experience with Kubernetes platforms in a hybrid cloud solution;
• Experience with network technologies (firewall, switches, router, load balancers);
• Experience with Infrastructure-as-Code (Terraform, Ansible, Packer);
• Experience with backend and API development (Python, Java, Go, etc.);
• Strong diagnostic and troubleshooting skills.