Senior Security Architect
Listed on 2026-07-05
-
IT/Tech
Cybersecurity, Information Security, Data Security, Cloud Computing: Infrastructure & Operations
Senior Security Architect – Department Information Technology Solutions – Pay Range $120,246 - $144,353 – Position
Job Details: Permanent Full Time (Non-Union)
Posting Status: Open to all current Town of Oakville employees and external applicants
Closing Date: Applications must be received by 11:59 p.m. on July 2, 2026 .
Benefits:
- Hybrid work schedule
- Defined benefit pension plan (OMERS)
- Comprehensive health plan complemented with life and disability insurance
- Progressive work environment with work/life balance
Reporting to the Information Security Officer & Program Manager, the Senior Security Architect provides senior-level expertise in the design, implementation, and governance of security architecture across the enterprise with an emphasis on protecting sensitive data, securing cloud platforms and workloads, and leading incident response execution and maturity. This role partners closely with application, infrastructure, risk/compliance, and business leaders to reduce security risk while enabling delivery speed and operational resilience.
Key Responsibilities Data Security- Maintain and design the evolution of enterprise data security architecture, including verifying data classification, labeling, and handling standards.
- Define and govern controls for data-in-transit and data-at-rest encryption, key management, secrets management, and certificate strategy.
- Architect and implement data loss prevention (DLP) and data egress controls across endpoints, email/collaboration, SaaS, and cloud platforms.
- Establish secure access models, including least privilege and privileged access controls for data platforms.
- Design privileged access and least privileged patterns for data platforms, including break‑glass access and approval workflows.
- Develop reference architectures for tokenization, masking, anonymization/pseudonymization, and privacy-by-design patterns aligned to regulatory requirements.
- Embed secure data lifecycle controls across systems in collaboration with data management, records management, and application teams.
- Establish security requirements and review designs for new data use cases (APIs, integrations, analytics, AI/ML), focusing on lineage, access boundaries and misuse resistance.
- Lead security risk assessments of data-centric systems and third parties; drive remediation planning and execution.
- Provide architecture guidance and guardrails that enable teams to execute quickly while meeting data protection obligations.
- Define and enforce secure data access patterns for AI-enabled solutions, focusing on tenant data isolation.
- Design controls to prevent data leakage and cross‑tenant exposure in systems leveraging generative or agentic AI.
- Evaluate how AI‑driven workflows interact with sensitive data and ensure alignment with enterprise data protection standards.
- Define security architecture patterns across cloud and on‑premises environments, including identity, network segmentation, workload isolation and secure service‑to‑service communication.
- Partner with infrastructure and application teams to implement baseline cloud controls including policy‑as‑code, secure landing zones, and standardized account/subscription structure.
- Architect cloud identity and access management (IAM) strategies, including federation, control access, RBAC, and privileged identity workflows.
- Design secure CI/CD and infrastructure‑as‑code pipelines with integrated security controls.
- Establish cloud threat modeling and secure design review practices for new services and significant changes.
- Drive cloud security posture management (CSPM) and vulnerability management by defining remediation standards, exceptions and engineering playbooks.
- Ensure security, resiliency, and compliance requirements are built into cloud services (backup, recovery, encryption, key rotation and logging).
- Define future state security architecture and continuous improvements.
- Integrate emerging AI capabilities into cloud security architectures in a secure and scalable manner.
- Design and review identity and access models supporting AI services, including delegated permissions and service‑to‑service trust.
- Serve…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: