Senior Security Architect

Medavie


Job Location:

Moncton - Canada

Monthly Salary: Not Disclosed
Posted on: 4 hours ago
Vacancies: 1 Vacancy

Job Summary

Position Type:

Permanent

If youre looking for a fulfilling career that can make a real difference in your life and the lives of others youve come to the right place.

As a national health solutions partner we put people first in everything we do and that begins with our team of 8000 professionals who bring a cross-section of diverse life experiences and career expertise to Medavie. By collaborating and innovating together our employees are creating industry-leading solutions in insurance primary care and emergency medical services that impact millions of lives in Canada each year.

Our mission is to improve the wellbeing of Canadians so that every life can be lived to the fullest and its reflected in our award-winning culture. We celebrate individuality and value the diverse perspectives and skills our employees contribute. We go beyond providing competitive pay and comprehensive benefits to offer opportunities for personal and professional growth flexible work options meaningful experiences and supportive leadership. Medavie is where employees can be their best selves feel they belong and achieve their full potential. Be part of it by applying for a position with us today.

The Opportunity:

The Senior Security Architect is a strategic technical leader responsible for designing implementing and governing enterprise-wide security architectures that protect the organizations information assets infrastructure and applications.

This role partners closely with business leaders technology teams and risk management functions to ensure security capabilities are aligned with business objectives regulatory requirements and modern threat landscapes.

The Senior Security Architect provides deep expertise across security domainsincluding cloud identity network data protection application security and zero trustand drives the adoption of secure design principles across the enterprise

technology ecosystem.

Key Responsibilities:

Strategic Security Architecture:

  • Develop and maintain the enterprise security architecture roadmap aligned with corporate security strategy and business goals.

  • Establish security reference architectures patterns and standards covering on- premises cloud and hybrid environments.

  • Lead architectural assessments for new technologies platforms and major initiatives.

Design Engineering & Implementation:

  • Architect secure solutions across cloud (Azure/AWS) applications data and networks.

  • Define security controls and requirements for system designs integrations and third-party technologies.

  • Review technical designs and solution architectures to ensure adherence to security best practices and compliance requirements.

Security Governance Risk & Compliance:

  • Ensure alignment with regulatory privacy and internal policy requirements (e.g. ISO 27001 NIST CSF SOC 2 PCI-DSS Personal Health Information Acts).

  • Partner with risk compliance and audit functions to assess security posture and identify architectural gaps.

  • Create and maintain security documentation architectural diagrams and standards.

Collaboration & Leadership:

  • Serve as a senior advisor to IT engineering and business leaders on secure architecture and emerging threats.

  • Lead cross-functional architecture reviews and security design workshops.

  • Mentor engineering and security staff promoting security-by-design across the organization.

Threat Modeling & Emerging Technologies:

  • Lead threat modeling and architectural risk assessments for critical systems and new initiatives.

  • Monitor industry trends threat intelligence and technology advancements to evolve security architecture.

  • Evaluate and recommend new security technologies and capabilities.

Required Qualifications:

Education: Bachelors degree in Computer Science Cybersecurity Engineering or related field. Masters preferred.

Experience:

  • 812 years of experience in cybersecurity with at least 5 years in architecture-level roles.

  • Proven experience designing and securing cloud hybrid and enterprise-class environments.

Certifications:

  • CISSP (Certified Information Systems Security Professional)

  • TOGAF (or equivalent enterprise architecture certification)

Other Qualifications:

  • Ability to design end-to-end security architectures (application infrastructure identity data network) from requirements through implementation.

  • Strong command of security principles: least privilege defense-in-depth secure-by-design/default separation of duties trust boundaries threat modeling concepts.

  • Able to produce architecture artifacts: reference architecture solution designs security patterns exception/risk acceptances and architecture decision records (ADRs).

  • Deep understanding of authentication and authorization models (SSO federation OAuth2/OIDC SAML Kerberos where relevant).

  • Privileged access concepts (PAM) role/attribute-based access (RBAC/ABAC) conditional access identity lifecycle and governance basics.

  • Familiarity with MFA patterns device posture session controls and identity as the primary control plane. Proven experience securing workloads in Azure / AWS / GCP (pick one as minimum; multi-cloud as preferred).

  • Core cloud security concepts: shared responsibility model segmentation security groups/NSGs KMS/key management secrets management logging/monitoring cloud-native IAM.

  • Understanding of hybrid connectivity patterns and security (VPN/ExpressRoute/DirectConnect equivalents routing DNS).

  • Solid grounding in network security architecture: segmentation firewalls WAF DDoS protections proxies secure remote access DNS security.

  • Understanding of TLS/PKI basics certificate lifecycle and secure connectivity patterns.

  • Ability to advise and design for secure SDLC: security requirements design reviews CI/CD security controls dependency management code scanning concepts.

Preferred/Assets:

  • Strong security architecture across two or more cloud providers. Deep understanding of cloud landing zones guardrails policy-as-code and centralized identity patterns.

  • Practical experience implementing Zero Trust concepts: identity-centric access continuous verification device trust micro-segmentation adaptive access.

  • Experience with SSE/SASE models (secure web gateway CASB ZTNA) and enterprise proxy strategy.

  • Familiarity with workload identity and supply chain security for containers.

  • Strong CI/CD security patterns: SAST/DAST/IAST SBOM dependency governance artifact signing policy gates.

  • Familiarity with supply chain frameworks (e.g. SLSA concepts) and secure build pipelines.

  • Ability to drive automation: policy-as-code infrastructure-as-code guardrails (Terraform/ARM/Bicep concepts) automated compliance evidence.

  • Scripting familiarity (PowerShell/Python) for security enablement and control validation.

  • Deeper crypto knowledge: HSM design envelope encryption patterns rotation strategies mTLS at scale certificate automation.

  • Experience designing enterprise key management strategy (centralized vs distributed BYOK/HYOK patterns where relevant).

  • Experience mapping security architecture to regulated requirements (e.g. healthcare financial services government contracting).

  • Evidence-based control design supporting audits and third-party assurance (SOC 2 ISO etc.).

  • Strong alignment with enterprise architecture practices: capability mapping target state roadmaps reference architectures technology standards.

  • Proven ability to reduce complexity and technical debt via platform patterns.

  • Strong knowledge of adversary tradecraft and mitigations (MITRE ATT&CK mapping detection-informed architecture).

  • Experience designing for resilience against ransomware credential theft lateral movement and abuse of cloud control planes.

  • Mentors other architects and engineers; establishes reusable patterns and guardrails.

  • Leads cross-domain programs (IAM modernization secure cloud adoption data security program etc.).

Language Skills:English (Spoken and Written)required. French (Spoken and Written) considered an asset

Security Clearance Requirement:In conjunction with our contract with the Federal Government you willbe requiredto have Reliability Status Clearance (Enhanced Level B). This includes Fingerprinting Criminal Record Check Credit Check and you must haveresidedin Canada for at least 5 years and hold Permanent Resident or Citizenship Status.

Whatsin it for you

What makes us a different kind of employer Our award-winning culture a team who really cares unmatched training and support are all dedicated to ensuring you are set up for success.

What we offer:

  • Permanent full-time position with strong career growth opportunities.

  • Hybrid or remote work arrangements.

  • Flexible work environment and work-life balance.

  • 100% employer-paid health dental and vision benefits (effective Day 1).

  • 100% employer-matched Defined Contribution Pension Plan.

  • Annual performance-based Incentive Bonus.

  • A gifted week of vacation in your first year optional Vacation Purchase Program.

  • Support for professional development training and certifications.

  • Wellness programs health resources and fitness discounts.


Pay Range:
$99177 - $132236

#CBM2

#LI-VS1

This posting is for an existing vacancy within our organization / Ce poste est actuellement vacant au sein de notre organisation.

The Base Pay range may vary depending on the successful candidate or other relevant job-related factors such as knowledge skills qualifications experience and education/ addition to Base Pay eligible Medavie employees may participate in various performance-based incentive programs. Payments under these programs are discretionary and subject to both individual and organizational results.


We believe our employees should reflect the communities we serve and welcome applications from candidates of all backgrounds. To provide the best experience possible we will support you with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team of your needs. We are committed to making sure recruitment retention advancement and compensation are fair and accessible while following all relevant human rights and privacy laws. We appreciate everyone who has shown interest in this position. Only those selected for an interview will be contacted.


While Medavie may use automated tools including AI to support application screening candidates are expected to complete all recruitment interactions independentlywithout AI assistanceto ensure a fair and equitable process.


If you experience any technical issues throughout the application process please email: .


Required Experience:

Senior IC

Position Type:PermanentIf youre looking for a fulfilling career that can make a real difference in your life and the lives of others youve come to the right place.As a national health solutions partner we put people first in everything we do and that begins with our team of 8000 professionals who b...

About Company

Company Logo

We're driven by the belief that everyone deserves to enjoy a full life and a fulfilling career. Join us in our mission to improve the wellbeing of…

View Profile View Profile