IT Enterprise Security Architect
IT Enterprise Security Architect
Posted on :
29-05-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Description
#LI-SC1
Metrolinx is connecting communities across the Greater Golden Horseshoe. Metrolinx operates GO Transit and UP Express as well as the PRESTO fare payment system. We are also building new and improved rapid transit including GO Expansion Light Rail Transit routes and major expansions to Torontos subway system to get people where they need to go better faster and easier. Metrolinx is an agency of the Government of Ontario.
At Metrolinx equity diversity and inclusion are essential to living our values of serving with passion thinking forward and playing as a team.
Metrolinxs Innovation and Information Technology group supports female team members via Go Tech Women an affinity group for women in Information Technology led by our Chief Information Officer.
If you enjoy technology and innovation value diversity appreciate work/balance and are looking for an opportunity to make a better world via public service Metrolinx would like to hear from you!
The Security Architect will serve as a key member of our Information Security Team; will be responsible for planning developing and establishing security system strategies and creating architectural roadmaps aligned with Metrolinx Enterprise strategy. A security architect must have extensive experience and a true security mindset and technical depth in risk analysis ethical hacks enterprise networks zero-trust networks operational technology and cloud computing security architecture.
What will I be doing
- Collaborates with business leaders developers engineers enterprise architecture and other stakeholders to identify future needs to streamline the security strategies define security standards and reference security architecture.
- Assists with translating security architecture roadmaps into a portfolio of programs projects enhancement and other initiatives to define the journey map from current state to the future state.
- Creates detailed integration security architectures patterns for new systems into Metrolinx existing technology stack.
- Works with design delivery and deploy teams and ensure security resilience is designed and built into all solutions.
- Conduct assessments against standards and frameworks including one or more of the following: IEC-62243/ISA-99 APTA CLC/TS 50701 OWASP CVE WASC NIST methodologies and PCI-DSS compliance etc.
- Ability to conduct technical risk assessments and mitigation on AI Machine learning technologies and platforms
- Identify and develop security solutions and secure architectures for OT environments.
- Identify and develop secure integration patterns for integration with IT environments.
- Integrate OT security logs/logging solutions into Security Information and Event Management solutions such as Microsoft Sentinel
- Provide OT security advisory to organizational projects.
- Broad understanding of applications and infrastructure data flow to build threat models
- Strong communication skills and the ability to understand and translate cyber security threats from a technical perspective to business-line; ability to communicate risks and propose counter measures to senior technology executives.
- Drives innovation by reviewing and analysing processes to identify gaps and opportunities for improvement.
What Skills and Qualifications Do I Need
- Good technical understanding of common OT systems such as PCS SCADA PLCs RTUs HMIs CNC etc.
- Knowledgeable in OT security publications and models such as NIST 800-82 and Purdue Model
- ICS SCADA or OT Systems Certification or Training
- Ability to work independently on initiatives with little oversight.
- Experience in in architecting security controls in Cloud environments such as IaaS SaaS and PaaS
- Completion of a university degree in Information Technology or related field or a combination of education training and experience deemed equivalent; Masters level education is preferred.
- Demonstrated years experience working in a security architect or similar role.
- Knowledge of regulatory and assurance compliance requirements including ISF SOGP NIST SSAE16/18 (SOC 12 3) PCI DSS 3.2 and Data Privacy.
- Experience with risk assessment methodology (ISF IRAM NIST)
- Nice to have Certified Information Systems Security Professionals (CISSP)
- Nice to have CISSAP (CISSP with an architecture concentration) and/or CCSP (Certified Cloud Security Professional)
- TOGAF Certification is an asset.
- Enhanced reliability security clearance or equivalent is an asset.
- For projects involving classified information/assets Enterprise Security Architects may require enhanced reliability clearances or equivalent.
Dont Meet Every Requirement
If youre excited about working with Metrolinx but your past experience doesnt quite align with every qualification of this posting we encourage you to apply. You just might be the right candidate for this or other roles. We are always looking for great talent to join our team.
We invite all interested individuals to apply and encourage applications from members of equity-deserving communities including those who identify as Indigenous Black racialized women people with disabilities and people with diverse gender identities expressions and sexual orientations.
Accommodation:
We value the unique skills and experiences each person brings to Metrolinx and are committed to creating and maintaining an inclusive and accessible environment. We are committed to the requirements of the Accessibility for Ontarians with Disabilities Act so if you require accommodation during the hiring process please let our Recruitment team know by contacting us at: or email .
Application Process:
All applicants must be legally entitled to work in Canada. Metrolinx will be using email to communicate with you for all job competitions. It is your responsibility to include an updated email address that is checked daily and accepts emails from unknown users. As we send time-sensitive correspondence we recommend that you check your email regularly. If no response is received we will assume you are no longer interested in pursuing the opportunity. Please be advised that a Criminal Record Check may be required of the successful candidate.
For Internal applicants with the recent implementation of the Internal Mobility Policy the internal recruitment process has changed for non-union roles. Candidates must be in their current role for 12 months prior to applying for another role and each applicant must be in good standing (not participating in a Performance Improvement Plan). Please review all provisions of the policybefore submitting your application.
Should it be determined that any background information provided is misleading inaccurate or incorrect Metrolinx reserves the right to discontinue with the consideration of your application.
We thank all applicants for their interest however only those selected for further consideration will be contacted.
WE ARE AN EQUITABLE AND INCLUSIVE EMPLOYER.
#LI-SC1
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
