Current jobs related to AWS Cloud Security Architect - Markham, Ontario - Recutify Inc.

  • Solutions Architect

    1 week ago

    Markham, Ontario, Canada Worldsource Wealth Management Full time

    JOB STATEMENT:Solution Integration Architect with deep expertise in cloud integration, software vendor platforms, and data fabric technologies. You will lead the design and implementation of scalable, secure, and high-performing integration solutions across Azure, AWS, and Microsoft Fabric, enabling seamless interoperability between internal systems and...

  • Sr. Security and Cloud Systems Administrator

    2 weeks ago

    Markham, Ontario, Canada Professional Engineers Ontario Full time

    OverviewAs we move through a period of exciting transformation and organizational change, Professional Engineers Ontario (PEO) has an immediate opening for aSr. Security and Cloud Systems Administratorto join our Information Technology team.Under the authority of theProfessional Engineers Act, PEO licenses and governs over 91,500 licence and certificate...

  • Senior Azure Cloud Architect

    2 days ago

    Markham, Ontario, Canada Venture Computers of Canada Inc. Full time

    Role OverviewWe are seeking a Senior Azure Architect to join our Toronto-based Managed Service Provider team. In this role, you will lead the design, implementation, and management of Azure cloud environments for our clients, while also supporting core IT infrastructure. You'll leverage your deep expertise in Microsoft Azure to enhance our cloud offerings...

  • Senior Cloud Security Engineer

    2 weeks ago

    Markham, Ontario, Canada SE Health Full time

    Join us in re-imagining health care with the largest social enterprise in Canada. SE Health is leading a multi-year enterprise transformation project that leverages human-centered design to be at the forefront of innovation within the healthcare sector. As a leader in home care, we are expanding and enhancing our capabilities to provide personalized...

  • Systems Security Architect

    1 week ago

    Markham, Ontario, Canada AMD Full time

    WHAT YOU DO AT AMD CHANGES EVERYTHINGAt AMD, our mission is to build great products that accelerate next-generation computing experiences—from AI and data centers, to PCs, gaming and embedded systems. Grounded in a culture of innovation and collaboration, we believe real progress comes from bold ideas, human ingenuity and a shared passion to create...

  • Platform Security Architect

    2 weeks ago

    Markham, Ontario, Canada AMD Full time

    WHAT YOU DO AT AMD CHANGES EVERYTHINGAt AMD, our mission is to build great products that accelerate next-generation computing experiences—from AI and data centers, to PCs, gaming and embedded systems. Grounded in a culture of innovation and collaboration, we believe real progress comes from bold ideas, human ingenuity and a shared passion to create...

  • Data Platform Administrator

    7 days ago

    Markham, Ontario, Canada Aviva Canada Full time

    Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.We are seeking a hands-on Cloud Engineer with deep expertise in AWS services, strong experience in CI/CD pipeline development, and solid working knowledge of Snowflake.The ideal candidate...

  • Data Platform Administrator

    7 days ago

    Markham, Ontario, Canada Aviva Canada Full time

    Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.We are seeking a hands-on Cloud Engineer with deep expertise in AWS services, strong experience in CI/CD pipeline development, and solid working knowledge of Snowflake.The ideal candidate...

  • DevOps/Cloud Engineer

    2 weeks ago

    Markham, Ontario, Canada The Code Crackers Full time

    OverviewThe Ontario Public Service (OPS) is seeking an experienced DevOps/Cloud Engineer to support the design, deployment, and maintenance of cloud-based digital products and enterprise applications. This role requires deep hands-on expertise in cloud architecture, DevSecOps pipeline development, automation, and infrastructure management across modern,...

  • Senior Azure Cloud Engineer

    2 days ago

    Markham, Ontario, Canada Xplore Inc. Full time

    Position Overview:*We are seeking a hands-on Senior Azure Cloud Engineer to design, build, secure, and operate scalable Microsoft Azure platforms. This role blends technical leadership, cloud architecture ownership, and cross functional collaboration to modernize workloads, lead migrations, and raise platform engineering maturity across subscriptions and...

AWS Cloud Security Architect

2 weeks ago

Markham, Ontario, Canada Recutify Inc. Full time

Position : Cloud Security Architect

Location: Markham, ON

Position: Full time/Subcon

Mode: Hybrid (Mandatorily need to visit office 3 days a week)

Job Details:

Top Capability skills required

1. AWS architect

2. AWS security SME

3. IT security background

Skill Grid:

Skills

Expert

Proficient

Intermediate

Basic

None

5

4

3

2

1

  1. AWS architect

  2. AWS security SME

  3. IT security background

Job Description:

Senior AWS Cloud Security Architect

The Senior AWS Cloud Security Architect is responsible for designing, implementing, and governing secure, compliant, and resilient AWS environments across multi-account cloud infrastructures.

You will lead the architecture and automation of identity, data protection, threat detection, and network segmentation controls across the AWS ecosystem.

Key Responsibilities:

  • Design and implement secure landing zones using AWS Control Tower, AWS Organizations, and Service Control Policies (SCPs).

  • Define multi-account security guardrails for shared services, workloads, and sandbox environments.

  • Create reference architectures covering security zones, network segmentation, and cross-account communication (PrivateLink, AWS WAN).

  • Lead threat modelling and risk assessments for new workloads and services (Lambda, ECS, EC2, S3, RDS, DynamoDB, etc.).

  • Develop security-by-design templates integrated into Infrastructure as Code (IaC) pipelines.

  • Partner with compliance teams to maintain continuous alignment with CIS Benchmarks and organizational risk frameworks.

  • Implement federated access and single sign-on with AWS IAM Identity Center (AWS SSO), Okta, and Azure AD.

  • Manage cross-account roles, STS trust policies, and temporary credentials for developers and third parties.

  • Automate secret and credential rotation with AWS Secrets Manager and AWS Systems Manager Parameter Store.

  • Enforce encryption at rest using AWS KMS, CloudHSM, and envelope encryption patterns.

  • Ensure encryption in transit (TLS 1.2/1.3) across internal and public endpoints.

  • Manage key rotation, cross-region replication, and HSM-based root of trust.

  • Implement S3 Object Lock, Macie for data discovery and classification, and Access Points for fine-grained data access.

  • Implement PrivateLink, AWS WAN, and Route 53 Resolver endpoints for service-to-service isolation.

  • Configure Web Application Firewall (WAF) and AWS Shield Advanced for DDoS mitigation.

  • Enforce egress control through Cloud NAT, AWS Gateway Load Balancer (GWLB), or custom proxies.

  • Deploy and integrate AWS Security Hub, GuardDuty, Macie, and Inspector for proactive threat detection.

  • Configure Amazon Detective for forensic investigation and anomaly correlation.

  • Integrate findings into SIEM/SOAR platforms such as FortiSOAR, or Azure Sentinel.

  • Automate response playbooks with AWS Step Functions, Lambda, and SNS alerts.

  • Implement AWS Config rules and Conformance Packs to enforce compliance (e.g., CIS AWS Foundations Benchmark).

  • Use AWS Artifact for vendor assurance and control documentation.

  • Manage compliance dashboards via Security Hub, Trusted Advisor, and Control Tower drift detection.

Core AWS Security & Supporting Services

Identity & Access Management: IAM, IAM Identity Center (SSO), AWS Organizations, Access Analyzer, Cognito, Resource Access Manager (RAM), Directory Service.

Encryption & Key Management: KMS, CloudHSM, Secrets Manager, SSM Parameter Store, Certificate Manager (ACM), Private CA.

Network & Perimeter Security: Network Firewall, WAF, Shield (Standard & Advanced), PrivateLink, AWS WAN, Route 53 Resolver, Network LoadBalancer, Application LoadBalancer.

Threat Detection & Monitoring: GuardDuty, Detective, Security Hub, Inspector, Macie, CloudTrail, Config, CloudWatch, CloudWatch Logs, CloudWatch Metrics.

Compliance & Governance: Audit Manager, Artifact, Control Tower, Trusted Advisor, Config Conformance Packs, Service Catalog, Organizations SCPs.

Data Protection: S3 Object Lock, Macie, Lake Formation, DLP integrations, S3 Access Points.

Vulnerability & Posture Management: Inspector (EC2, ECR, Lambda), Trusted Advisor, Config, Security Hub.

Application & Container Security: ECR image scanning, ECS task IAM roles, Lambda least privilege, Secrets Manager, API Gateway authorization.

Incident Response & Automation: Step Functions, Lambda, Systems Manager Automation, SNS, CloudWatch Alarms, EventBridge Rules.

Required Skills and Experience:

  • 8+ years in cybersecurity, with 4+ years in AWS cloud security architecture.

  • Deep understanding of AWS Well-Architected Framework (Security Pillar).

Preferred Certifications

  • AWS Certified Security Specialty

  • AWS Certified Solutions Architect Professional

  • CISSP / CISM / CCSP / GCSA / GIAC Cloud Security Automation