Job Summary:

• Ensure Confidentiality, Integrity and Availability of AHS Information Assets
• Design information security solutions to protect AHS information
• Address regulatory requirements and align with the security framework
• Collaborate with internal and external partners to ensure IT implementations align with enterprise security policy
• Provides leadership and subject matter expertise in the development of standards, architectural governance, design patterns and security best practices
• Serve as an information security advisor to key technology and business stakeholders, establishing trust relationships through active engagement and collaboration
• Mentor Intermediate and Associate Security Architects
• Identification and evaluation of new security technologies
• Identify business requirements that affect the enterprise security architecture and provide solutions that integrate into the overall architectural vision and strategy
• Collaborate with R&D and Engineering teams to drive the product roadmaps for security tools, by providing security requirements that help to map security controls and patterns to product features
• Serve as the Security Lead in the design, implementation and integration phases of cloud-based solutions to meet client and firm security requirements, address enterprise risks and exposures in cloud-based solutions
• Lead the direction of information security architecture through the development of a security strategy that addresses the threats to the environment and data

Skills on Resume:

• Information Security Architecture Design (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Leadership (Soft Skills)
• Collaboration (Soft Skills)
• Cloud Security (Hard Skills)
• Security Technology Evaluation (Hard Skills)
• Security Requirements Integration (Hard Skills)
• Security Strategy Development (Hard Skills)

Job Summary:

• Responsible for the overall architecture, design and planning functions in support of the following areas
• Current and future technical and administrative security controls.
• Review of current and emerging security technologies and practices.
• Provides security controls guidance and oversight to resource managers.
• Research and prepare security administrative controls such as procedures, standards, guidelines and best practice documents for both IT division and enterprise partners.
• Analysis and proposal of changes in anticipation of future needs.
• Construction of server topologies to maximize efficiency and security of systems.
• Serves as a key member of the architectural review board that critiques product designs and requirements.
• Delivers strategic and tactical Security guidance for IT, Engineering, and DevOps initiatives.
• Embraces “secure by design” principles that weave Security controls into DevSecOps pipelines (e.g., build automation, configuration management).
• Evaluate the effectiveness of controls and the efficiency of security services in providing those controls
• Research current and emerging threats to healthcare information systems

Skills on Resume:

• Security Architecture (Hard Skills)
• Emerging Security Technologies (Hard Skills)
• Security Controls Guidance (Soft Skills)
• Security Documentation (Hard Skills)
• Future Needs Planning (Hard Skills)
• Server Topology Design (Hard Skills)
• Security Strategy (Soft Skills)
• Threat Research (Hard Skills)

Job Summary:

• Actively support the implementation, and execution of the processes for the definition, maintenance, and compliance management of the Enterprise Architecture
• Proactively assist the Enterprise Architects and the Chief Architect in assessing technology solutions
• Design secure applications or services within the organization
• Define security requirements
• Lead the development of projects executed by Development teams, and oversee and assess the development executed by Vendor’s teams
• Execute periodical code reviews
• Shape and deliver projects to meet and exceed the expectations of clients and own quality criteria
• Supervise and support Vendor’s developers in the context of projects
• Lead and own enterprise security architecture design and control
• Represent security in the enterprise architecture control process
• Create, align and maintain enterprise security architecture roadmap with security strategy, technology strategy and project portfolio management
• Create, maintain and control security design and security documentation of technology solutions (high level design, low level design, artefacts etc.)
• Support technology projects by assessing and understanding security risks, establishing relevant security requirements, supporting and validating the implementation
• Support information security management system processes and activities

Skills on Resume:

• Enterprise Architecture Support (Hard Skills)
• Technology Solution Assessment (Hard Skills)
• Secure Application Design (Hard Skills)
• Security Requirements Definition (Hard Skills)
• Project Leadership (Soft Skills)
• Code Review Execution (Hard Skills)
• Security Architecture Design (Hard Skills)
• Risk and Security Assessment (Hard Skills)

Job Summary:

• Define the scope of engagement with Service Providers (SP)
• Collect business requirements for security improvements
• Create a high-level architecture for SP to deliver against
• Identify gaps in the current architecture, focusing on security controls
• Identify where SP does not have a capability
• Indicate areas of initial, urgent and prioritised action
• Collaborate on the creation of roadmaps for SP to deliver against based on available, planned and unknown service provision
• Define and maintain security requirements (people/processes/technologies) to support this model
• Compare requirements against the Service Catalogue
• Compare requirements against current contractual obligations
• Verification of low-level designs of each delivery component
• Create indicative costs for delivery

Skills on Resume:

• Service Provider Engagement (Hard Skills)
• Business Requirements Collection (Hard Skills)
• Architecture Creation (Hard Skills)
• Security Gap Analysis (Hard Skills)
• Capability Identification (Hard Skills)
• Prioritization and Action Planning (Soft Skills)
• Roadmap Development (Soft Skills)
• Security Requirements Definition (Hard Skills)

Job Summary:

• Act as a key technical resource for internal stakeholders, including top management, regarding security matters related to SecDevOps and secure development practices.
• Lead, define and map digital architecture processes for designing large scale SecDevOps pipelines.
• Coordinate SecDevOps security in order to assist IT teams in delivering secure infrastructure solutions with his/her security recommendations and requirements.
• Ensure prevention and good management of technical, legal and human security-related risks by elaborating and proposing improvements to security policies, guidelines and standards with a global mindset, taking into consideration legal and regulatory responsibilities.
• Facilitating the development process and operations.
• Establishing continuous build environments to speed up software development.
• Security Designs Review of design documents produced by other work streams.
• Managing and reviewing technical operations.
• Guiding the development team.
• Provide strategic direction and subject matter expertise for wide adoption of SecDevOps automation.
• Build and maintain SecDevOps pipelines to adopt shift-left paradigm for security testing.
• Stay up-to-date on new security tools & techniques, and act as driver of innovation and process maturity.
• Conduct research and evaluate new SecDevOps platforms, components, tools, and processes for new projects and ongoing initiatives.
• Collect security-related metrics and increase security visibility across the organization.
• Work with teams to bring continuous improvement to SecDevOps processes and tools.

Skills on Resume:

• SecDevOps Expertise (Hard Skills)
• Architecture Design (Hard Skills)
• Security Coordination (Soft Skills)
• Policy Development (Hard Skills)
• Build Automation (Hard Skills)
• Design Review (Hard Skills)
• Strategic Direction (Soft Skills)
• Security Automation (Hard Skills)

Job Summary:

• Develop and maintain roadmap covering all cyber security domains including defense-in-depth, network security, identity and access management, cloud security, data security, application security, cyber security analytics, endpoint security, and compliance.
• Identify the gaps between the future-state and current-state cyber security architecture at Sobeys and develop plans for moving toward the future state.
• Support cyber security risk assessment and privacy impact assessment for new complex programs initiated at Sobeys. 
• Develop repeatable standards and checklists for secure-by-design and privacy-by-design assessments.
• Monitor and track regulatory and industry developments around cyber security and privacy.
• Monitor and track cyber security vendor/partner/MSSP ecosystem and identify opportunities to PoC/trial innovative new solutions that can further Sobey's interests.
• Define principles to guide solution decisions for the enterprise.
• Define models, including solution patterns, to guide IT solution decisions for the enterprise.
• Prepare position papers for business opportunities.
• Work closely with business units (Marketing, Finance, Operations, etc.) to understand short- and long-term security and privacy requirements.
• Work closely with legal/chief privacy officer, enterprise risk management, and internal audit to progress the roadmap on enterprise security controls.
• Work with Enterprise Architects and other IT leads to ensure security and privacy are built into the technology roadmap.

Skills on Resume:

• Cyber Security Roadmap (Hard Skills)
• Gap Analysis (Hard Skills)
• Risk Assessment (Hard Skills)
• Secure Design Standards (Hard Skills)
• Regulatory Monitoring (Hard Skills)
• Vendor Ecosystem Management (Soft Skills)
• Solution Decision Principles (Hard Skills)
• Cross-Functional Collaboration (Soft Skills) 

Job Summary:

• Apply knowledge of business requirements and architecture to the maintenance and enhancement of the enterprise-wide and/or project-specific architecture frameworks and models 
• Translate security standards and patterns into programs and project requirements on athe rchitecture level 
• Work with other Architects, Design Leads and stakeholders in peer review to ensure the continued presence, appropriateness and completeness of security qualities in solutions 
• Participate in the development of requirements to facilitate both business vision realization and security architecture target state creation 
• Understand the capabilities and limitations of the security components (e.g., technology, operations, and management) 
• Influence product direction and integrate technology from a security and architectural perspective within the business environment 
• Identify enhancements and gaps in architectural frameworks, standards and patterns to raise them for consideration for inclusion in the future versions 
• Participate in knowledge transfer with senior management, the team, other technical areas and business units 
• Work effectively as a team, supporting other members of the team in achieving business objectives 
• Providing client services, lessons learned and knowledge transfer.
• Development and governance of security specifications, standards, and processes
• Optimization of existing security solutions to ensure they address current requirements through the entire lifecycle

Skills on Resume:

• Business and Architecture Integration (Hard Skills)
• Security Standards Translation (Hard Skills)
• Peer Review Participation (Soft Skills)
• Requirements Development (Hard Skills)
• Security Component Knowledge (Hard Skills)
• Product Direction Influence (Soft Skills)
• Architecture Enhancement Identification (Hard Skills)
• Knowledge Transfer (Soft Skills)