Назад
Company hidden
22 часа назад

Director, Security Architecture & Threat Modeling (SaaS)

138 200 - 159 800CAD
Формат работы
remote/hybrid
Тип работы
fulltime
Грейд
director
Английский
b2
Страна
Canada
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Director, Security Architecture & Threat Modeling (SaaS): Leading the security-by-design strategy and threat modeling initiatives across cloud-native and AI-enabled platforms with an accent on secure architecture, risk analysis, and cross-functional engineering collaboration. Focus on embedding security into the SDLC, defining cloud security guardrails, and maturing governance for LLM-based products.

Location: Toronto, Canada (Remote and hybrid options available)

Salary: $138,200 – $159,800 CAD

Company

hirify.global is a market-leading SaaS provider specializing in Sales Performance Management (SPM) and revenue optimization solutions for global organizations.

What you will do

  • Define and execute the security architecture and secure-by-design strategy.
  • Lead threat modeling activities, including data flow analysis and attack path identification.
  • Partner with Engineering and Product teams to embed security requirements into development workflows.
  • Conduct architecture reviews across AWS, Azure, and IBM Cloud environments.
  • Assess security risks within AI-enabled products and agentic workflows.
  • Communicate architectural risks and security recommendations to executive stakeholders.

Requirements

  • 10+ years of experience in Information Security.
  • 3+ years of experience in Application Security Architecture and Threat Modeling.
  • 3–5 years of experience in Software Development or Engineering.
  • Expertise in threat modeling methodologies such as STRIDE, CAPEC, and MITRE ATT&CK.
  • Strong understanding of cloud security, DevSecOps, and secure SDLC practices.
  • Ability to influence stakeholders at all levels across technical and non-technical teams.

Nice to have

  • Certifications such as CISSP, CSSLP, ISSAP, CISM, CRISC, or OSCP.
  • Experience with containerized and serverless security architectures.

Culture & Benefits

  • Comprehensive medical, dental, and vision coverage.
  • Flexible work environment with remote and hybrid options.
  • Dedicated learning days (Ignite Days) for professional development.
  • Tuition assistance for continuing education.
  • Paid time off and public holidays.
  • Retirement plans to support long-term financial security.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →