* Challenge designs to ensures that infrastructure solutions are scalable, flexible, and supportable, are fully monitored and are as standardized and automated as possible.
* Review and provide challenge for the design, implementation, automation, and document security solutions, controls, and processes for Amazon Web Service (AWS), MS Azure cloud platforms and Google Cloud Platforms;
* Review and provide challenge for Security patterns for Cloud Platforms and Services; Assess all cloud patterns to ensure adherence to standards and controls
* Challenge the design and implementation DevOps processes, tools, and templates to ensure technology, security and resiliency is embedded into application and infrastructure design patterns and the building of applicable controls into the CI/CD process.
* Review standards, procedure and cloud controls to ensure regulatory coverage and alignment to applicable directives.
* Review and challenge changes with security implications (e.g. IAM Roles and Policies, Security Groups etc.)
* Provide Cloud subject matter expertise on the following:
* Strategy and Governance
* Technology & Cyber Risk Management
* Disaster Recovery and Incident Management
* Data Protection and Security
* Configuration & Change Management
* Architecture, authentication, and systems security based on a clear understanding of our cloud engineering stack, services, and data flow
* Participate and review cybersecurity risk assessments of new and existing technologies to identify risks and appropriate controls that balance security and operability
MPI does not discriminate on the basis of race, religion, sex, sexual orientation, gender identity or expression, age, disability, marital status, or based on an individual’s status in any group or class otherwise protected under applicable human rights legislation. MPI encourages applications from minorities, women, the disabled and all other qualified applicants
* Professional certifications (CISSP, CCSP, etc.) as well as possess baseline security certification such as CISM/GSEC/CISA/cloud certification for Microsoft Azure/AWS/Google Cloud Platform or studying towards attaining the certification. Certifications in CRISC, CGEIT, CCSP, CompTIA Cloud , AWS, Google, and Azure Cloud certifications would be a plus
Candidates must have had exposure to technology in a large, complex, regulated financial services enterprise.
+A minimum of eight years of experience designing and building massively scalable and distributed software solutions in any of the following areas: cloud security assessment and strategy; cloud compliance; solution architecture and design with emphasis on security, security operations and integration with cloud service providers as it relates to IaaS/PaaS/SaaS security platforms such as AWS, Google Cloud Platform, Microsoft Azure and Workday
* Experience with Cloud Security Alliance (CSA) Cloud Security Matrix and associated domains + Familiarity with the NIST Cloud Computing Referencing Architecture (800 Series) and associated standards +
* Direct experience performing cloud, IT, and/or risk reviews and audits + Certifications – CISA + Ability to operate in ambiguity
A Leading Global Canadian Bank
A Competitive Package