Cyber and Information Security Architect

TEAM LOCAL is hiring

Prospera Credit Union is a community-based, purpose-driven organization that offers our members a full range of financial products and services. As one of the largest credit unions in British Columbia, we help build vibrant, healthy communities, thriving local enterprises and financially empowered people. Prospera is proud to serve communities throughout the Lower Mainland, Fraser Valley and Okanagan.

As a Cyber and Information Security Architect, you will be working collaboratively with the Architecture Review Board (ARB)and other governance teams, such as Data Governance, the role will be essential in conveying the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and other NIST Standards into Prospera’s Enterprise Architecture and Design Principles.

What you’ll do:

• Develop and maintain Prospera's security architecture framework, ensuring it aligns with business objectives and industry standards.
• Lead the design and review of secure network architectures, systems, applications, and cloud-based environments.
• Collaborate with cross-functional teams to integrate security requirements into the software development lifecycle and infrastructure deployment processes.
• Ensure concepts such as Zero-Trust and Least Privilege and Data Protection standards are integrated into Prospera design standards.
• Ensure environments, such as Cloud and Mobile Devices, are planned and configured for optimal security controls for Confidentiality, Integrity, and Availability (CIA).
• Ensure the proper configuration, monitoring, and optimization of security tools and technologies.
• Conduct research and evaluate emerging security technologies, proposing innovative solutions to enhance the Prospera's security posture.
• Develop and maintain a comprehensive set of Policies, Standards and Procedures related to cyber and information security, such as Acceptable Use of Technology, Device and Environment Hardening, Information Security, etc.
• Work collaboratively with DevSecOps specialists as the compliance specialist.
• Conduct regular risk assessments, identifying vulnerabilities and recommending appropriate security controls.
• Ensure compliance with relevant regulations, standards, and frameworks, such as ISO 27001, NIST Cyber Security Framework, and privacy laws.
• Update the relevant Risk Register(s) as required.
• Participate with Internal Audit on annual audit planning and quarterly updating of registers and action plans.

What you bring:

• Familiarity with security frameworks and regulations (e.g., NIST, ISO27000, CIS Critical Security Controls, etc.).
• Proficiency in cybersecurity and operational risk assessments.
• Proficient experience with assessing and auditing network controls such as firewalls, IDS/IDP, DNS, VPN, 2-factor authentication, port/packet filtering, VLANs, physical and logical separation of network segments, security zoning, and traffic analysis.
• Advanced working knowledge and understanding of Azure and AWS cloud platforms.
• Member of ISSA, ISACA or part of the local information security or assurance community would be an asset.
• Proficiency with NIST, SABSA, TOGAF and other industry best practices an asset.
• Strong knowledge of security principles, technologies, and industry best practices.
• Proficiency in designing secure network architectures, systems, and cloud environments.

• Designation/License/Certification considered a Requirement: Security+ certification

• Designation/License/Certification considered an Asset:
  • CISSP
  • CISM, SANS and GIAC certifications
  • OSCP

• Excellent written and verbal communication skills, interpersonal and collaborative skills,
• Strong leadership skills including people management, relationship building, negotiation and influencing,
• Problem solving skills with ability to exercise flexibility and judgement as required,
• Highly motivated and results oriented with the ability to handle high pressure situations with multiple stakeholders,
• Results and quality driven, while being open to constant changes in priority and focus.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or relevant work experience.
• Minimum of 5 years of experience in information security roles or relevant work experience

What we offer:

• Prospera offers a total compensation package of base salary plus incentives that is market competitive and reviewed annually. Our expected starting salary for this role is $96,300 to $107,000 based on the successful candidate’s knowledge, experience and internal equity.
• Flexible Work Program for some of our roles – ask us!
• Flexible Benefits Program – pick and choose what works best for you.
• Defined Contribution Retirement Plan – let’s start saving and keep your future in mind.
• Vacation, Wellness and “Prosperian” Days – paid time off to support your overall well-being
• Professional development – come grow your career and develop your skills
• A supportive, collaborative work environment- we’re proud to be a Great Place to Work certified organization

Please Note: The successful candidate will be required to complete a background check which include criminal, credit, and reference checks.