Senior Security Architect

Senior Security Architect – CAAT Pension Plan We’re excited to invite you to join CAAT as a Senior Security Architect. 6 days ago, we announced this role, and we’re looking for the next leader to help shape our hybrid‑cloud and AI‑driven technology ecosystem. At CAAT, we’re passionate about what we do. We challenge the status‑quo, build a real impact for the hundreds of employers we serve – from educational institutions to major corporations – and we’re growing fast as one of Canada’s fastest‑growing pensions. Our culture is built on core values, a shared purpose, and a can‑do mindset that ensures everyone plays a part in securing a better retirement future for Canadians. About the Role As we scale our hybrid‑cloud and AI‑driven technology stack, we need a Senior Security Architect to lead the next evolution of our cybersecurity architecture. You’ll be at the center of cloud security, GenAI, and machine learning defense, designing secure‑by‑design frameworks that protect the data, models, and platforms that drive our innovation. This is a hands‑on architecture role that blends deep technical design with strategic influence. You’ll shape the blueprint for enterprise and emerging technology security, partnering with engineers, AI specialists, and business leaders to ensure our systems are resilient, ethical, and future‑ready. Responsibilities Architect and implement enterprise‑grade security designs across hybrid cloud environments (Azure, AWS, GCP), embedding security into every layer of our technology stack. Secure the future of AI and GenAI by developing frameworks that protect LLMs, agentic AI systems, ML pipelines, and low‑code/no‑code platforms from data poisoning, model inversion, prompt injection, and other adversarial threats. Lead “security‑by‑design” practices from concept to deployment, integrating threat modeling, Zero‑Trust principles, and continuous validation across the SDLC. Develop scalable reference architectures and technical blueprints for both traditional and emerging technologies, ensuring consistent governance and alignment with our enterprise security strategy. Drive security innovation across CI/CD and MLOps pipelines by embedding automated SAST, DAST, IaC scanning, and compliance validation into modern DevSecOps workflows. Champion secure AI adoption by applying frameworks like MITRE ATLAS, OWASP ML, and NIST AI RFM, ensuring explainable, ethical, and trustworthy AI integration. Collaborate with cross‑functional teams, including Enterprise Architecture and AI/ML Engineering, to balance innovation with governance and ensure agility without compromising trust. Support regulatory compliance (ISO 27001, PCI‑DSS, NIST 800‑53) through architecture controls, testing, and documentation. Evaluate and secure emerging platforms such as Azure OpenAI, Databricks, Hugging Face, LangChain, and vector databases. Qualifications 10+ years of progressive cybersecurity experience, with deep hands‑on expertise in enterprise and cloud security architecture. CISSP certification (required); additional designations such as Microsoft Cybersecurity Architect Expert (SC‑100), Azure Security Engineer (AZ‑500), CISM, or CISSP‑ISSAP are assets. Excellent communication and collaboration skills with the ability to translate complex security principles into clear, actionable guidance. Proven track record designing secure architectures for GenAI, LLM, and ML environments across Azure, AWS, or GCP. Advanced understanding of AI/ML threat models, including adversarial ML, data poisoning, model theft, hallucination mitigation, and prompt injection. At least 8 years of experience securing CI/CD, DevSecOps, and MLOps pipelines using GitHub Actions, Azure DevOps, Jenkins, or ArgoCD. Expert‑level knowledge of Microsoft Azure security services such as Defender for Cloud, Sentinel, Security Center, Key Vault, Conditional Access, and Privileged Identity Management. Hands‑on experience with security assessment and validation tools including vulnerability scanners, static/dynamic analysis, container scanners, and code analysis platforms. Familiarity with frameworks and standards such as NIST CSF, NIST 800‑53, ISO 27001/27035, CIS Controls, MITRE ATT&CK, and Zero Trust Architecture (NIST 800‑207). Knowledge of AI governance and compliance frameworks such as NIST AI RMF, MITRE ATLAS, and ISO/IEC 42001. Bachelor’s degree in Computer Science, AI, Information Security, Cybersecurity, or a related technical field. Growth mindset, passion for innovation, and commitment to implementing security that enables, rather than limits, technology progress. Benefits & Perks Opportunities to Build a Better You – continuous learning, skill mastery, and growth in a fast‑moving environment. Comprehensive & Holistic Care – a Total Rewards program that supports physical, mental, and financial wellness, flexible work arrangements, and a defined benefit pension plan. A Place to Collaborate and Win – a lively culture recognized as one of Canada’s Most Admired Corporate Cultures, Greater Toronto’s Top Employers, and Best Places to Work. Work that Truly Matters – contribute to Canada’s future retirement security and help organizations achieve more. Equal Opportunity Employment CAAT Pension Plan is an equal opportunity employer. We accommodate all needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers if requested. If you require accommodation throughout the application process, please contact us at hr@caatpension.ca or call Human Resources at 416‑673‑9000. Learn more about us by visiting www.caatpension.ca/careers. #J-18808-Ljbffr