IT Cyber Security , Architect

Company Description

At General Dynamics Mission Systems–Canada, our focus extends beyond engineering technology solutions—we are dedicated to cultivating careers. If you seek a purpose-driven career solving some of the world’s most critical problems, alongside some of the brightest engineering minds, your application is welcome. Join a community where your unique perspective propels innovation.

Why Join Us?

• Flexible Work Environment: We have On-site and Hybrid positions, this is often dependent on the nature of your role. We offer a variety of options for your work schedule which includes compressed work week options, flexible start times and shut down periods.
• Professional Development: We offer a number of resources and support to help develop your professional toolkit! You should anticipate regular progress reviews as well as access to educational assistance, professional designations and certification support, training and more!
• Total Rewards: Consider it covered—health, dental, and beyond. Early access to a pension plan with various perks to acknowledge your contributions to the organization.

Job Description

We are seeking a highly skilled IT Cyber Security Architect to join our team. We are looking for someone with extensive experience in IT Security, specifically in securing cloud environments for sensitive and mission-critical systems. The ideal candidate will have hands-on experience with cloud platforms such as AWS, Azure, and M365, a deep understanding of NIST security frameworks (including NIST 800-171), experience implementing frameworks in both an Enterprise and Cloud environment, and familiarity with the Canadian Centre for Cyber Security cloud protection profiles. This position will involve designing, implementing, and managing robust security architectures to safeguard cloud infrastructure and applications in a complex, regulated environment.

Key Responsibilities:

• Security Architecture Design: Lead the design, development, and implementation of secure on premise and cloud architectures in AWS, Azure, and M365 that align with the organization’s security policies, regulatory requirements, and industry best practices.
• Risk Management and Compliance: Ensure security solutions comply with NIST security frameworks, including NIST 800-171, and work closely with compliance teams to assess and address risks. Develop and maintain security controls to meet the requirements of Canadian Centre for Cyber Security cloud protection profiles.
• Cloud Platform Security: Implement and manage security controls for cloud environments (AWS, Microsoft), including identity and access management (IAM), encryption, network security, monitoring, incident response, and vulnerability management.
• Cross-Functional Collaboration: Collaborate with internal stakeholders (security, engineering, DevOps, etc.) to ensure cloud security strategies align with business goals and mission objectives.
• Monitoring and Incident Response: Assist Security Operations for monitoring cloud environments for potential threats and vulnerabilities. Support incident response and investigation efforts related to cloud security breaches or compromises.
• Security Best Practices and Policies: Develop, review, and enforce cloud security policies, standards, and procedures, ensuring they reflect the latest industry practices and regulatory requirements.
• Security Audits and Assessments: Support regular security assessments, audits, and penetration tests to ensure continuous security improvements and compliance with relevant frameworks (NIST, CCCS, etc.).
• Training and Mentorship: Provide guidance and mentorship to junior team members and other departments on cloud security best practices and procedures.

Qualifications

• Experience in the IT Security: Minimum of five (5) years of experience working in IT Security within the defense or government sector, with a focus on cloud security.
• Cloud Platforms Expertise: Proven experience in designing, implementing, and securing cloud solutions in AWS, Azure, and M365.
• Knowledge of Security Frameworks: In-depth knowledge of NIST security frameworks, including NIST 800-171, and experience with the Canadian Centre for Cyber Security cloud protection profiles.
• Security Certifications: Relevant certifications such as CISSP, CCSP, AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate, or similar are preferred.
• Risk Management: Experience in risk assessments and implementing security controls for cloud environments.
• Regulatory and Compliance Knowledge: Solid understanding of compliance requirements for federal, defense, and government sectors.
• Technical Proficiency: Strong understanding of network security, IAM, encryption, firewalls, and security automation in cloud platforms.
• Communication Skills: Excellent written and verbal communication skills, with the ability to explain complex technical security issues to non-technical stakeholders.
• Must be able to obtain and maintain Canadian Security Clearance and a positive Controlled Goods Assessment. Eligibility to work in Canada either as a Canadian Citizen or Permanent Resident.

Preferred Qualifications:

• Experience with cloud security automation tools and DevSecOps practices.
• Familiarity with threat intelligence platforms and security orchestration tools.
• Knowledge of additional security frameworks (ISO 27001, Centre for Internet Security (CIS), SOC2 etc.) and government compliance programs.

Additional Information

We believe the unique contributions of each of our colleagues are key in our ability to drive innovation. By fostering a culture of belonging, encouraging idea sharing at all levels, and reinforcing the very real impact of what we do, we offer an environment where everyone can take pride in their work. We respect diverse opinions, and value the lived experiences each and every one of us bring to our workplace. If you require accommodation during any stage of the application process, please contact Human Resources via recruitment@gd-ms.ca.