Information Security Architect

Information Security Architect Apply for the Information Security Architect role at Day & Ross. Job Description Reporting to the Director, IT Cybersecurity, the Information Security Architect oversees development and oversight of security architecture. They work with IT business partners and IT professionals to evaluate information security risks and implement security controls across the organization. How You’ll Help Develop and implement Day & Ross’s security architecture in alignment with Enterprise Architecture and Information Security teams following an industry standard framework and methodology. Report on progress of development and implementation of the security architecture through management reports, dashboards, scorecards, or another method agreed upon. Update and align the information security architecture when applicable and assist with remediation to impacted stakeholders if necessary. Assist with building and implementing an Enterprise Security Architecture program. Drive improvements on current architecture practices, methodologies, and assisting with implementing new methodologies as required. Build and maintain an architecture that meets Day & Ross’s organizational risk profile from risk assessments, management direction, and awareness of critical business assets. Provide input and guidance to Day & Ross’s Information Security awareness training framework and communication plan, Security operations and governance as needed. Assist with strategic, tactical, and compliance review planning of the Day & Ross information security program, including metric and reporting development. Lead the development and execution of IoT security strategies, including risk management practices, device authentication protocols, and secure integration for large‑scale IoT deployments. Conduct comprehensive security assessments for IoT devices and platforms, ensuring alignment with enterprise architecture and regulatory requirements. Collaborate with IT, business, and vendor teams to support telematics, fleet management, asset tracking, and real‑time data initiatives. Your Skills & Experience Minimum of ten (7) years of experience in information technology with at least seven (5) years of experience in a security architecture role, which includes the following disciplines: Performing risk assessments/analysis/audits of IT internal controls or IT processes Enterprise Security Architecture Relevant industry certifications from organizations such as ISC2, ISACA, SABSA, or SANS will be considered strong assets. Preference will be given to holders of ISSAP and SABSA SCM. Knowledge and experience in using SABSA, ISO 27000, NIST, and other applicable security frameworks and enterprise architect frameworks such as Zachman and TOGAF. Knowledge of network‑based services, client/server applications, mobile applications, enterprise systems and infrastructure, network architecture, and security infrastructure. Understanding of security controls such as firewalls, proxies, SIEM, antivirus, encryption, identity and access management, vulnerability scanning and/or intrusion prevention systems. Familiarity with GDPR and other privacy legislation considered an asset. Experience designing and implementing security controls for IoT environments, including telematics, sensor networks, and asset tracking systems. Familiarity with IoT‑specific standards and frameworks (e.g., NIST IoT Cybersecurity Framework, IEC 62443). IoT device security, authentication, and lifecycle management. Secure integration of IoT platforms with enterprise systems. Knowledge or familiarity with transportation automation systems considered a strong asset. Ability to interact with a broad cross‑section of stakeholders to explain and enforce security measures, in both business and technical terms. Excellent written and verbal communication skills in English. Proven ability as a self‑starter, working independently, and showing initiative. Ability to lead teams and manage employees. Experience in the transportation and/or logistics industry is a strong asset. Measures of Success Security Knowledge: Understanding of various security control requirements, functional and conceptual designs, technical and administrative controls, and implementation approaches. Risk Management: Ability to identify and address information security risks not covered by the security architecture and to assign the correct management recommendations including mitigating controls. Stakeholder Management: Ability to work and communicate with a broad range of both technical and non‑technical internal stakeholders. Additional Information Key internal relationships: Information Technology staff and management. Some business stakeholders. Occasional travel within Canada (Toronto, Ontario and/or Florenceville, New Brunswick, etc.) and USA may be required. Job primarily performed in a standard office environment; however, work from home is available with manager approval. To apply, visit our Careers page at dayross.com. As a federally regulated employer, Day & Ross fully supports the principles of employment equity and encourages all qualified members of the designated groups to apply. Day & Ross is committed to ensuring equal access and participation for people with disabilities and meeting their needs in a timely manner. We will do so by removing and preventing barriers to accessibility and by meeting our accessibility requirements under Accessible Canada Regulations and in alignment with our business practices, capabilities, and values. Job Details Seniority Level: Mid‑Senior level Employment Type: Full‑time Job Function: Information Technology Industries: Truck Transportation #J-18808-Ljbffr