Senior Security Architect/Security Specialist

As a principal security authority, you will bridge the gap between abstract business requirements, regulatory threat drivers, and technical defense systems. Operating within a hybrid framework, you will provide technical direction to ensure high availability, design secure network segmentation across multi-cloud and hybrid environments, and champion data defense strategies. This role demands an elite subject matter expert who can confidently author security blueprints, establish identity governance controls, and lead enterprise risk mitigation initiatives to protect business-critical assets.

Location: Toronto, ON

Assignment Type: Hybrid (2 to 3 days per week onsite)

Contract Duration: 12-months contract

Advantages
High-Impact Scope: Architect and deploy advanced enterprise-scale solutions, including Data Security Posture Management (DSPM) frameworks and Data Loss Prevention (DLP) systems for major user footprints.

Diverse Tech Portfolio: Direct sophisticated security capabilities across hybrid IT, cloud ecosystems, and specialized Operational Technology (OT/IoT) domains.

Strategic Leadership: Shape corporate security baselines by researching, evaluating, and authoring master cybersecurity policies, standards, and standard operating procedures.

Hybrid Balance: Enjoy a highly professional and flexible schedule combining active onsite team collaboration with remote flexibility.

Responsibilities
Security Solution Engineering: Provide senior-level technical direction and subject matter expertise to design and deploy redundant, highly available infrastructure and cybersecurity solutions.

Architectural Artifact Creation: Author comprehensive security architectural blueprints, technical specifications, disaster recovery plans, system playbooks, guidelines, and standard operating procedures.

Cybersecurity Framework Governance: Lead the development, modernization, and refresh of corporate cybersecurity policies, standards, and compliance procedures.

Risk & Threat Management: Conduct detailed security risk assessments of new and existing networks, applications, and infrastructure to isolate potential vulnerabilities and communicate actionable mitigation plans to executive stakeholders.

Data Posture Defenses: Design and configure complex Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) solution parameters, embedding automated data discovery and classification protocols across environments.

Cross-Functional Integration: Collaborate with multi-disciplinary engineering clusters—including software development, cloud operations, and infrastructure teams—to verify secure design principles throughout development lifecycles.

Platform Security Alignment: Establish secure configurations and protection criteria for SIEM platforms, SOAR automation paths, Enterprise Password Management solutions, and Identity & Access Management (IAM) systems.

Vulnerability Control Enforcement: Isolate structural system weaknesses and evaluate firewall matrices, network segmentation, and micro-segmentation architectures to enforce proper security boundary constraints.

Technology Modernization Advisory: Evaluate, test, and recommend emerging cybersecurity tools, cloud capabilities, and defensive methodologies to protect the organization's evolving attack surface.

Operational Tech Hardening: Architect risk-based security controls to bridge and secure connections intersecting core corporate IT systems with Operational Technology (OT) and physical cyber environments.

Qualifications
Core Technical & Architectural Requirements
Professional QA & IT Tenure: 10+ years of comprehensive Information Technology experience, with a minimum of 8+ years of dedicated experience operating as a Senior Security Architect or Technical Security Lead.

Governance & Assessment Depth: 5+ years of hands-on experience managing corporate Cybersecurity Governance models, structural policy writing, and complex system risk assessments.

Networking & Stack Mastery: Deep technical understanding of core networking principles (TCP/IP, WAN, LAN, VPN) and standard enterprise protocols (SMTP, HTTP, LDAP, SAMLv2, OAuth, SSL/TLS).

Defensive Tooling Savvy: Intimate experience designing, configuring, or supporting modern defensive architectures including Next-Generation Firewalls (NGFW), Endpoint Detection & Response (EDR), Zero Trust frameworks, SIEM/SOAR platforms, and Public Key Infrastructure (PKI).

Cloud & OT Integration Capability: Proven experience securing hybrid cloud platforms alongside foundational familiarity protecting Operational Technology (OT) or IoT systems using established physical network controls (such as IEC 62443 or NIST 800-82).

Attack Surface Awareness: Familiarity with modern data protection strategies and Cyber Asset Attack Surface Management (CAASM) technologies.

Education & Professional Certifications
Education: University degree in Computer Science, Information Security, Cybersecurity, or a related field. A Master’s degree in Network Security, Cybersecurity, or a related quantitative discipline is highly desirable.

Mandatory Credentials: Active Certified Information Systems Security Professional (CISSP) designation.

Specialized Certifications: Must hold at least one of the following industry designations:

SABSA Foundation (Sherwood Applied Business Security Architecture)

CCSP (Certified Cloud Security Professional)

CCSK (Certificate of Cloud Security Knowledge)

TOGAF Foundation (The Open Group Architecture Framework)

GICSP (Global Industrial Cyber Security Professional)

Soft Skills & Leadership Strength
Consultative Articulation: Exceptional verbal and written communication skills, with polished ease when presenting complex vulnerability discoveries and technical designs to diverse stakeholders.

Analytical Problem Solving: Superior critical thinking, analytical reasoning, and data troubleshooting capabilities to mitigate systemic network threats and manage deployment priorities.

Collaborative Execution: A motivated, highly organized team player who builds consensus easily across multi-tenant development clusters under strict delivery windows.

Summary
If you're interested in the Senior Security Architect (Security Specialist) role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.

This posting is for existing and upcoming vacancies.