We are looking for an experienced Cyber Security Architect to join the City of Hamilton and play a pivotal role in strengthening the municipality's cybersecurity framework. This long-term contract position offers the opportunity to design and implement robust security measures across on-premises, hybrid, and cloud environments. As a key technical leader, you will collaborate with diverse stakeholders to enhance risk management, threat detection, and overall security resilience.<br><br>Responsibilities:<br>• Develop and oversee enterprise-wide security architecture tailored for cloud, on-premises, SaaS, and hybrid environments.<br>• Perform threat modeling, risk assessments, and vulnerability evaluations to identify and mitigate potential security gaps.<br>• Guide the implementation of privileged access controls, conditional access policies, and other security protocols.<br>• Collaborate with infrastructure teams to monitor vulnerabilities, optimize security tools, and lead risk remediation efforts.<br>• Provide architectural leadership for firewall configurations, network segmentation, secure routing, and overall system design.<br>• Work with external threat detection partners to bolster monitoring capabilities and enhance response strategies.<br>• Support modernization efforts, including the separation and restructuring of legacy networks.<br>• Ensure compliance with industry standards for data protection, encryption, backup/recovery, and other security measures.<br>• Create and maintain security reference architectures, implementation plans, and policies aligned with frameworks like NIST 800-53 and ISO 27001.<br>• Serve as a trusted advisor on security-related projects and infrastructure upgrades, offering strategic guidance and post-incident support.
<p><strong><u>This is a hybrid position (2 – 3x a week in the office) in Downtown Toronto. </u></strong></p><p> </p><p> </p><p>Are you excited by the opportunity to grow an Offensive Security team?</p><p> </p><p>This role is ideal for a seasoned cybersecurity professional with a passion for offensive security, application testing, and threat management—especially in modern environments involving low code/no code platforms and AI/ML pipelines.</p><p> </p><p>You will play a pivotal role in proactively identifying vulnerabilities, simulating adversarial threats, and strengthening this company’s security posture across cloud, application, and AI/ML domains. If you have experience building offensive security teams, leading penetration testing, managing incident response, and securing AI/ML workflows, this role is for you!</p><p> </p><p><strong> </strong></p><p><strong>What you will do and how you will make an impact … </strong></p><p><strong> </strong></p><p> </p><p>· Conduct penetration testing on low code/no code platforms, identifying misconfigurations and privilege escalation risks.</p><p> </p><p> </p><p>· Design and execute penetration tests targeting AI/ML pipelines, models, and data flows.</p><p> </p><p> </p><p>· Assess CI/CD integrations and MLOps environments for security gaps.</p><p> </p><p> </p><p>· Evaluate web and mobile applications for vulnerabilities such as insecure APIs and injection flaws.</p><p> </p><p> </p><p>· Perform threat modeling and code analysis to identify and remediate vulnerabilities.</p><p> </p><p> </p><p>· Monitor and respond to threats using SIEM tools (e.g., Splunk, Azure Sentinel).</p><p> </p><p> </p><p>· Develop use cases tailored to emerging threats, including AI/ML-specific attack vectors.</p><p> </p><p> </p><p>· Use tools like Burp Suite, OWASP ZAP, Checkmarx, Veracode, and Snyk for vulnerability assessments.</p><p><br></p><p> </p><p>· Conduct offensive API testing and simulate real-world attack scenarios.</p><p> </p>
<p>Our client located in the Durham Region area is expanding their team and looking for a passionate IT Security Analyst to join their Security team. If you are looking for an opportunity to expand your technical skills and work for an impressive organization this could be the right job for you! This is a 6 month contract to start in Whitby, Ontario. If you meet the requirements and are interested in this opportunity please apply to the position directly.</p><p><br></p><p>Install, configure and monitor information security (IS) systems hardware, operating systems and application software</p><p>- Perform systems maintenance, corrective maintenance, expansion and upgrades, including operating system, application software and server hardware on multiple systems</p><p>- Provide technical support to end-users by acting upon system alerts generated by security systems, responding to security-related incident reports to the CS-IT Service Desk</p><p>- Create reports identifying inappropriate information and/or software and apply IS measures to restrict inappropriate usage as per the Region's Electronic Communications Systems Policy</p><p>- Research and liaise with prospective suppliers regarding security products and services; conduct evaluations of hardware and software to assess effectiveness and applicability</p><p>- Provide IS awareness and solutions to all divisions within CS-IT, conducting business impact analysis and provide guidance regarding security threats and methods to mitigate such threats</p><p>- Conduct regular information security assessments to ensure the risk to systems is being managed appropriately</p><p>- Identify security deficiencies through the effective analysis of all Regional information technology processes and projects</p><p>- Develop IS solutions and business cases, identifying systems that require re-evaluation based on changing needs within information security, information technology and business users</p><p>- Take charge of IS projects, completing appropriate project documentation, facilitate meetings with all stakeholders and project team members</p><p>- Assist with the development of policies, processes and procedures relating to IS, including actively researching and bringing forth broader technology issues with security implications</p><p>- Administer network security for wireless network access to ensure access is granted to authorized users and public Wi-Fi is securely isolated</p>
