Senior Manager, Security Architecture and Operations

We are hiring a Senior Manager Security Architecture and Operations!Reporting To:Assistant Vice PresidentFull-Time/Part- Time:Full-timeSalary Range:$130000-$150000Posting Date:June 4 2026Closing Date:June 18 2026Hours of Work:8:30 a.m. 5:00 :Office Location: 16.4Toronto ONGreat location! Steps away from the main public transit station What we offer:Highly competitive compensation package which includes base salary bonus benefits and career advancement opportunities! *Eligibility for benefits is dependent on the terms of employmentThe OpportunityA strategic and integral member of the Information Security Team reporting to the AVP Information Security is responsible for ensuring the security integrity and availability of First National information assets. The candidate will contribute to the management and continuous improvement of multiple security programs. The position entails the development implementation and maintenance of the security controls through people processes and technology across the role requires the following skills:Knowledgeable about architecture & design principles network security application security vulnerability management and incident management principles. Assess the threat landscape and work internally to protect the organization from risk. Must be highly technical and possess at least 8 years experience in security operations and system design across on-premise infrastructure cloud infrastructure applications and user endpoints infrastructure. Effective and dynamic Duties and Responsibilities:Maintain secure resilient enterprise-grade processes in tandem with various IT stakeholders such as Information Security IT Infrastructure and Operations Application Development oversight of security systems and security configuration administration to adequately respond to risk to enterprise systems and accounts both on-premise and the monitor assess and recommend tactical and strategic initiatives based on new and emerging period reports to Information Security and IT Leadership to showcase the current security posture of our Information Security Program Protect systems in compliance with Information security policies and standards such as ISO 27001 and a team of Information Security professionals across multiple internal and external partners to ensure they build solutions consistent with the organizations planned policies programs architectural recommendations and Information Security standards including within the regular technical project and implementation meetings and serve as the security ambassador to help guide secure application and infrastructure configurations for on-premise and cloud the day-to-day activities of threat and vulnerability management recommend treatment plans and communicate information about in the documentation of risks and mitigating controls including policy/procedure Operations and Incident Management ProgramLead the implementation configuration and daily operation of Information Security technologies that are implemented in First Nationals as a key figure in incident response to track occurrence and resolution with strict documentation and reporting as well as engagement within the department; and within the organization from a technical the incident response process within the department and work with key stakeholders within the department to respond resolve and recover from the third-party security partners ensure objectives are met and work in partnership to continuously improve security operations as an active participant within Incident Tabletop exercisesStreamline mature and automate (where applicable) the Incident Response playbooks and processes within the Management ProgramAnalyze threat and vulnerability feeds data for applicability to the environment and perform compensating controls analysis and validate efficacy of existing controls and provide the team to perform security research analysis assessments and support with penetration testing and remediation actions. This includes:The external and internal coordination of periodic penetration testing and remediation trackingConduct application and network vulnerability assessments to evaluate attack vectors identify vulnerabilities and develop remediation with IT stakeholders to guide and assist them during the remediation and mature the Offensive Security Program that entails web application penetration testing red/purple teaming Security ProgramEnsure coverage and remediate of secure code review with Application Development stakeholders (including SAST & DAST)Work with the Application Development leadership and delivery teams to integrate security controls within the development pipeline ensuring an efficient development process with early security control with IT groups to define develop socialize and execute long-term application security in the evaluation selection onboarding and management of AppSec vendors and ModellingPerform periodic threat modelling and maintain the model for currency and tracking of any risk remediation information technology control elements to mitigate IT security risks regarding the confidentiality integrity and availability of information and and Compliance ManagementSupport the Information Security Department to provide adequate evidence to support the audit and provide responses for guidance and supervision on Information Security compliance to ensure Security controls are functioning appropriately within the on development and implementation of Information Security metrics measurement criteria and reporting to ensure compliance and continuous periodic compliance reporting to provide assurance of coverage and effectiveness of controls such as but not limited toSecure configuration audits to complement the on-going Infrastructure and Application Vulnerability Management scanning and work with the internal stakeholders to address any and tracking of firewall rule base of Web Application Firewalls (WAF)Education/Certification/Experience Requirements:3 years of experience with Microsoft Azure platform capabilities best practices with architectures and security toolsets.3 years Security System administration and engineering experience in on-premise and/or cloud infrastructure.2 years of SOC experience or responding to traditional or cloud based cyber security with certifications such as CCSP CISSP or CISM are with MS Sentinel and Microsoft suite of security products such as but not limited to Defender for Endpoint Defender for Identity Defender for cloud in incident response and forensics a strong with the MITRE ATT&CK network security and Attributes:Track record of planning and executing complex work interpersonal communication analysis and writing to align management and leadership strategies when working on to work effectively with business unit and IT department managers including Application Development Infrastructure Operations Network Technical Support and verbal and written communication be a team join First NationalCompetitive Compensation Comprehensive benefits program (i.e. Health Spending Account Maternity and Parental Leave Top Up)Extensive training programs to set our employees up for success Modern office environment conducive to collaborationSupportive teamwork culture Opportunities to give back to the communities and work through events focused on a variety of charities Ongoing social events throughout the year The team youll join: Founded in 1988 First National is one of Canadas largest non-bank lenders. We provide residential mortgages exclusively through the mortgage broker channel and we are Canadas largest commercial mortgage lender. First National has been consistently recognized as a great place to work and we are proud that our employee engagement feedback is higher than our industry partners. We would like to thank all applications for their interest in this existing vacancy but only candidates selected for an interview will be contacted. Artificial Intelligence is not used in our recruitment or hiring process for this role. First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race color religion national origin age gender identity physical or mental disability sexual orientation and any other category protected by National supports requests for accommodation from applicants with disabilities; please contact Human Resources at should you need an accommodation at any point in the recruitment process.#FNLOON