More jobs:
Solution Architect – Application Security; AppSec), Zero Trust & Compliance
Job in
Toronto, Ontario, C6A, Canada
Listed on 2026-07-07
Listing for:
Astra-North Infoteck Inc. ~ Conquering today’s challenges, achieving tomorrow’s vision!
Full Time
position Listed on 2026-07-07
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, IT Consultant
Job Description & How to Apply Below
Role Overview
We are seeking a highly experienced Solution Architect – Application Security Lead to drive the design, implementation, and governance of enterprise‑grade App Sec, Zero Trust architecture, and regulatory compliance frameworks. This role will be responsible for embedding security‑by‑design principles across application life cycles, leading Zero Trust adoption, and ensuring alignment with regulatory and industry standards (e.g., PCI‑DSS, OSFI, NIST, ISO 27001).
Application Security Strategy & Architecture- Define and implement enterprise‑wide App Sec strategy aligned with business and security objectives, and architect secure SDLC frameworks.
- SAST, DAST, SCA, IAST.
- Container & cloud‑native security.
- Establish security patterns, reference architectures, and guardrails for application teams. Drive Dev Sec Ops enablement across CI/CD pipelines.
- Lead the design and rollout of Zero Trust architecture across application ecosystems.
- Implement key Zero Trust principles.
- Least privilege access.
- Identity & Access Management (IAM/CIAM)
- Privileged Access Management (PAM)
- Endpoint and workload protection platforms
- Align application access controls with identity‑centric security models
- Ensure application security controls meet OSFI B‑13 / B‑10, PCI‑DSS, SOX, GDPR, ISO 27001, NIST.
- Drive audit readiness, control validation, and compliance reporting.
- Establish risk‑based control frameworks and remediation tracking.
- Partner with internal audit, risk, and compliance teams.
- Conduct secure design reviews and threat modeling (STRIDE, ATT&CK).
- Identify and mitigate application‑layer vulnerabilities and attack vectors.
- Define security requirements for APIs, microservices, and cloud‑native applications.
- Embed security testing and validation processes.
- Lead deployment and optimization of App Sec tools.
- SAST:
Checkmarx, Fortify, Veracode. - Container security:
Prisma, Aqua. - Integrate tools into CI/CD pipelines (Azure Dev Ops, Git Hub, Jenkins).
- Drive automation for vulnerability management and remediation tracking.
- Act as a trusted advisor to engineering, architecture, and business leaders.
- Lead cross‑functional teams across development, Dev Ops, and security.
- Provide executive‑level reporting on App Sec maturity and risk posture.
- Mentor teams on secure coding and security best practices.
- 12+ years in cybersecurity, application security, or architecture roles.
- Proven experience as a Solution Architect or App Sec Lead in large enterprises (preferably BFSI).
- Zero Trust Architecture
- Cloud platforms (Azure, AWS, GCP)
- Hands‑on experience with App Sec tools and CI/CD integrations.
- OWASP Top 10, API Security Top 10
- Threat modeling methodologies
- Experience with regulatory compliance frameworks (OSFI, PCI‑DSS, ISO, NIST)
Certifications:
- CSSLP (Certified Secure Software Lifecycle Professional), TOGAF (Architecture), SABSA or equivalent security architecture certifications.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×