About the role
HM Note: This hybrid contract role is three (3) days in office. Candidates resume must include first and last name.
Description
Key Responsibilities
- Lead end-to-end security design and architecture reviews for common cloud platforms (AWS, Azure, GCP) and major SaaS applications
- Develop and maintain secure-by-design reference architectures, patterns, and guidelines tailored to IaaS, PaaS, and SaaS deployments
- Perform threat modeling, risk assessments, and gap analyses to align solutions with internal security standards and regulatory requirements
- Define identity and access control strategies, including SSO, MFA, PKI, and least-privilege models
- Design various network and infrastructure security controls: e.g. network segmentation, security groups, firewalls, SASE, IPS/IDS
- Architect data protection solutions: encryption key management, Transparent Data Encryption, tokenization, DLP for cloud and SaaS data
- Integrate application and infrastructure logs into SIEM platforms (Splunk Cloud, Azure Sentinel) and design SOAR playbooks for automated response
- Collaborate with DevOps and engineering teams to embed security requirements in CI/CD pipelines, leveraging IaC tools
- Facilitate design workshops, governance gates, and architecture review boards; document decisions and action items
- Mentor junior architects and security engineers, sharing best practices and driving continuous improvement
General Skills
- Proven leadership in technical security architecture for enterprise environments
- Deep expertise across cloud service providers (AWS, Azure, GCP) and SaaS ecosystems
- Strong grounding in application architecture, networking, and security operations
- Proficiency in structured design methodologies and ITIL service-management practices
- Ability to translate complex business requirements into actionable security solutions
- Experience creating conceptual, logical, and physical process/data models
- Track record of developing, recommending, and governing security architecture
- Awareness of emerging technologies, industry trends, and security best practices
- Excellent analytical, problem-solving, decision-making, and interpersonal skills
- Clear verbal and written communication; skilled at presenting to technical and executive audiences
- Collaborative team player with a consistent record of meeting deadlines
Skills
Experience and Skill Set Requirements
Core Security Technology Domains (45%)
- Identity & Access Management: SSO, MFA, PKI, identity federation (OAuth/OIDC, SAML)
- Infrastructure & Network Security: VCN/VNet/subnet design, firewalls, security groups, micro-segmentation, SASE patterns
- Data Protection: KMS/Vault key management, TDE, tokenization, DLP, data classification and discovery
- Application Security: Secure SDLC, container and serverless hardening, API gateway policies, WAF integration
- Security Operations & Visibility: SIEM ingestion pipelines, correlation searches, dashboards, SOAR automation, EDR tools
Agile Project Delivery (15%)
- Hands-on experience in Agile/Scrum environments: backlog management, user-story creation, sprint planning, retrospectives
- Embed security requirements and automated testing into CI/CD pipelines
- Facilitate cross-functional workshops (threat modeling, design sprints) to align SecOps, DevOps, and architecture teams
Architecture & Design Expertise (35%)
- Apply frameworks (TOGAF, NIST CSF, CIS Controls) to cloud and SaaS solutions
- Lead requirements gathering, conceptual, logical, and detailed design phases
- Provide engineering implementation support: IaC (Terraform, CloudFormation), configuration templates, logging-agent deployments
- Guide peers through design reviews, governance gates, and operational handovers
Public Sector & Regulatory Awareness (5%)
- Previous public-sector or regulated-industry experience is a plus
- Familiarity with mandates and standards (FIPPA, PHIPA, PCI DSS, AODA, ISO 27001)
- Embed audit trails, retention policies, and compliance checks into design artifacts
Must-haves:
- Security arch and design with Cloud Platforms -(AWS, Azure)
- Client Relationship Building skills.
About Foilcon
IT Services and IT Consulting
1-10
At Foilcon, we are focused on delivering results to our clients. To be their go to partner for technical services, application developement, integration and training. This leads us to our goals of being a great partner and being the good guys.
With our global resources, we bring the rest of the world within reach to our customers.
Our nimble, experienced team moves from ideas to execution rapidly.
Our motto..There is always a way
About the role
HM Note: This hybrid contract role is three (3) days in office. Candidates resume must include first and last name.
Description
Key Responsibilities
- Lead end-to-end security design and architecture reviews for common cloud platforms (AWS, Azure, GCP) and major SaaS applications
- Develop and maintain secure-by-design reference architectures, patterns, and guidelines tailored to IaaS, PaaS, and SaaS deployments
- Perform threat modeling, risk assessments, and gap analyses to align solutions with internal security standards and regulatory requirements
- Define identity and access control strategies, including SSO, MFA, PKI, and least-privilege models
- Design various network and infrastructure security controls: e.g. network segmentation, security groups, firewalls, SASE, IPS/IDS
- Architect data protection solutions: encryption key management, Transparent Data Encryption, tokenization, DLP for cloud and SaaS data
- Integrate application and infrastructure logs into SIEM platforms (Splunk Cloud, Azure Sentinel) and design SOAR playbooks for automated response
- Collaborate with DevOps and engineering teams to embed security requirements in CI/CD pipelines, leveraging IaC tools
- Facilitate design workshops, governance gates, and architecture review boards; document decisions and action items
- Mentor junior architects and security engineers, sharing best practices and driving continuous improvement
General Skills
- Proven leadership in technical security architecture for enterprise environments
- Deep expertise across cloud service providers (AWS, Azure, GCP) and SaaS ecosystems
- Strong grounding in application architecture, networking, and security operations
- Proficiency in structured design methodologies and ITIL service-management practices
- Ability to translate complex business requirements into actionable security solutions
- Experience creating conceptual, logical, and physical process/data models
- Track record of developing, recommending, and governing security architecture
- Awareness of emerging technologies, industry trends, and security best practices
- Excellent analytical, problem-solving, decision-making, and interpersonal skills
- Clear verbal and written communication; skilled at presenting to technical and executive audiences
- Collaborative team player with a consistent record of meeting deadlines
Skills
Experience and Skill Set Requirements
Core Security Technology Domains (45%)
- Identity & Access Management: SSO, MFA, PKI, identity federation (OAuth/OIDC, SAML)
- Infrastructure & Network Security: VCN/VNet/subnet design, firewalls, security groups, micro-segmentation, SASE patterns
- Data Protection: KMS/Vault key management, TDE, tokenization, DLP, data classification and discovery
- Application Security: Secure SDLC, container and serverless hardening, API gateway policies, WAF integration
- Security Operations & Visibility: SIEM ingestion pipelines, correlation searches, dashboards, SOAR automation, EDR tools
Agile Project Delivery (15%)
- Hands-on experience in Agile/Scrum environments: backlog management, user-story creation, sprint planning, retrospectives
- Embed security requirements and automated testing into CI/CD pipelines
- Facilitate cross-functional workshops (threat modeling, design sprints) to align SecOps, DevOps, and architecture teams
Architecture & Design Expertise (35%)
- Apply frameworks (TOGAF, NIST CSF, CIS Controls) to cloud and SaaS solutions
- Lead requirements gathering, conceptual, logical, and detailed design phases
- Provide engineering implementation support: IaC (Terraform, CloudFormation), configuration templates, logging-agent deployments
- Guide peers through design reviews, governance gates, and operational handovers
Public Sector & Regulatory Awareness (5%)
- Previous public-sector or regulated-industry experience is a plus
- Familiarity with mandates and standards (FIPPA, PHIPA, PCI DSS, AODA, ISO 27001)
- Embed audit trails, retention policies, and compliance checks into design artifacts
Must-haves:
- Security arch and design with Cloud Platforms -(AWS, Azure)
- Client Relationship Building skills.
About Foilcon
IT Services and IT Consulting
1-10
At Foilcon, we are focused on delivering results to our clients. To be their go to partner for technical services, application developement, integration and training. This leads us to our goals of being a great partner and being the good guys.
With our global resources, we bring the rest of the world within reach to our customers.
Our nimble, experienced team moves from ideas to execution rapidly.
Our motto..There is always a way