Application Security Architect

About Vancity

Vancity is a member-owned credit union built on the principles of inclusion and social justice. A relentless commitment to their values has helped them challenge the status quo and break down barriers since day one in 1946. They have bold commitments to make Vancity net-zero by 2040 across all mortgages and loans and are pursuing strategies on Indigenous banking and to improve the financial resilience of their members.

Vancity is the largest private sector Living Wage Employer in Canada and has been consistently recognized as one of the Top Employers in Canada. If you're interested in joining their team of 2,700 diverse individuals and accessing competitive rewards and benefits, all while knowing you are part of a greater movement, then apply today

About the workplace

As Application Security Architect at Vancity, you'll play a pivotal role in shaping and delivering enterprise-wide cybersecurity initiatives. You'll lead the design and implementation of secure solutions, guide junior architects, and collaborate with cross-functional teams to embed security into business and technology strategies. This role offers the opportunity to influence enterprise architecture, contribute to policy development, and support a risk-based approach to protecting Vancity's digital assets - all while staying at the forefront of evolving cyber threats and regulatory standards.

This is a permanent, full-time role that will enjoy hybrid working arrangements which can be fulfilled primarily from the Vancity head office location and your Lower Mainland based home office. This role may require you to work on-site at least once a week.

A typical day would involve:

• Lead the design and planning of information security projects, including cost estimation and forecasting.
• Contribute to the development of enterprise security documentation such as policies, standards, baselines, guidelines, and procedures.
• Provide mentorship and direction to junior security architects, collaborating with project leads to define requirements, design controls, and implement scalable security services aligned with Vancity's cybersecurity vision.
• Oversee and support the secure design and deployment of application solutions, ensuring alignment with industry best practices.
• Partner with business units and enterprise architecture teams to deliver risk-based security guidance and support an integrated security service portfolio.
• Assess security risks across programs, projects, and operational processes, and recommend architecture remediation strategies.
• Stay current on cyber threats and emerging technologies to inform investigation techniques and enhance incident response capabilities.

You have:

• Bachelor's degree in Computer Science, Engineering, or highly related field.
• 8+ years of experience in IT, Risk Management, and/or Information Security
• 4+ years in Security Architecture.
• Experience designing secure architectures e.g. networking, Cloud, IDP, API, Identity management (OIDC, SAML), Zero trust Architecture etc..
• Strong understanding of security controls across all layers of the OSI model.
• Strong DevSecOps & Application Development experience within a formalized SDLC.
• Knowledge and experience of secure coding practices and working with SAST, DAST, SCA, IAST tools.
• Threat modelling experience.
• Experiencing performing penetration tests and have relevant certifications e.g. OSCP, GPEN etc.
• Experience designing secure systems and integrations with enterprise applications.
• Awareness of Canadian regulatory environments (e.g., OSFI, PIPEDA) and their impact on security programs.
• Experience with Public cloud offerings (Azure is preferred) with relevant Cloud/Security certifications.
• Information Security Certifications in one or more of the following are required: CISSP, CISA, CISM, GISP, GSNA, GSE, CSP, SSCP, Security+
• Information Technology Certifications in one or more of the following will be an asset: TOGAF, MCITP, MCSE, CCNA, VCP, RHCE, MCAF, Azure Architecture/Security certs.
• Experience with or knowledge of PCI DSS, ISO 27001, NIST CSF and NIST control frameworks is highly desired.
• Strong stakeholder engagement and communication skills across technical and non-technical audiences.

You are:

• A Strong Communicator - you use your strong communication and interpersonal skills to create clear understanding of expectations and represent the team across the organization through clear and confident communication.
• Organized & Systematic - your planning and coordination skills develop solid operating plans, processes, methods and standards for a unit and help coordinate delivery of critical information in a timely manner.
• Analytical & Decisive - with your strong problem solving and decision making skills, you can diagnose challenges and issues; develop innovative investigative solutions; and to assess risks and opportunities that may affect the information security team.
• Self Motivated – you are a self motivated and inquisitive individual that takes initiative to follow through and deliver results without continuous supervision.

We value lived experience, so if you are interested in this role, we encourage you to apply even if you feel your skills don't perfectly align with those listed.

Posting Deadline: Posted until filled

A career at Vancity is more than just a job, you're joining a tradition of change-makers who are creating lasting change for our communities. Beyond base pay, we offer a comprehensive total rewards package to ensure our employees are empowered to thrive:

We offer:

• We are the largest private-sector Living Wage Employer in Canada and have been consistently recognized as one of the Top Employers in Canada.
• Our permanent employees qualify for attractive benefit packages that can be customized and changed each year to meet their evolving needs.
• New employees receive between three to four weeks of vacation allowance per calendar year, and the number of vacation days grows
• In addition to the 10 statutory holidays in British Columbia, Vancity provides an additional three statutory holidays. We offer care days for periods of short-term personal illness or emergency family illness.
• We have flex credits for our health care & dental benefits offer three levels of coverage for you to select from. These benefits will also be effective immediately based on your hire date.  
• We understand that retirement means different things to different people and at Vancity we will offer you a Defined benefits pension plan that pays you a retirement income for life.

At Vancity we're committed to creating a welcoming and inclusive workplace to help our people and communities thrive and prosper. Diversity in our workforce is integral so that we can truly represent, understand and respond to our community needs and deliver on our member experience.

Vancity Talent Programs:

Vancity supports an inclusive hiring process for candidates who self-identify as Indigenous, Black, or Trans. With special permission from the BC Human Rights Commissioner, this initiative provides access to career development opportunities, prioritized job screening, and feedback. Any information you choose to share will be stored securely and used only for recruitment and career development connected to this initiative, in line with the BC Personal Information Protection Act (PIPA). For details, please see our dedicated Talent Programs job posting.

We are committed to an inclusive, barrier-free and accessible recruitment experience for all candidates. If you require any accommodations or support at any stage of the recruitment process (including the application stage), we encourage you to let us know by contacting our Talent Acquisition team at We're here to work with you to ensure your needs are met promptly and effectively. All requests will be handled with the utmost respect and confidentiality, so you can participate fully in the process.