IT Security Architect

Petal is a leading Canadian healthcare orchestration and billing company that revolutionizes healthcare systems to make them agile, efficient, and resilient by enabling the forecasting and shaping of world-class healthcare through Healthcare BI, advanced analytics, and informed insights.

Our commitment to fostering an exceptional workplace culture has earned us notable recognitions, including being listed as a Great Place to Work in both the technology and healthcare sectors.

Join us in our mission to empower healthcare innovators and improve healthcare differently.

What you can expect when joining the team

As an IT Security Architect at Petal, you will play a crucial role in the company's security by conceptualizing the new security infrastructure to continue safeguarding our clients' information security within our applications.

Your role will also be vital in promoting a security by design mindset throughout the organization.

We are seeking a candidate who combines in-depth knowledge of security practices with a sharp ability to effectively transmit this knowledge.

Your efforts will be essential in integrating a robust security culture at the core of our company. Your role will not only involve teaching security but also transforming our mindset and approach to security in our daily operations.

Your daily life

During the day, you will be led to :

• Plan, study, and design resilient security architectures for various IT projects;
• Develop security requirements for networks, firewalls, routers, and other network devices;
• Conduct vulnerability assessments, security tests, and risk analyses on infrastructure components and propose mitigations;
• Participate in researching, evaluating, and selecting products or technologies in line with stated requirements and the strategic evolution of the field;
• Anticipate potential security threats and act accordingly in a timely manner;
• Design security improvement roadmaps in collaboration with security and IT management;
• Implement new tools to protect against intrusions and monitor relevant progress;
• Make significant risk-based security decisions in accordance with company policies, compliance, and governance;
• Oversee and support the implementation of standards and guidelines for teams executing security plans and projects;
• Assess security and conduct and / or coordinate penetration tests, cyber forensics;
• Guide security and network operations in resolving high-risk challenges;
• Collaborate closely with the enterprise architect and solution architects to ensure that the required technological infrastructure for new solutions is considered before project or initiative launches;
• Design and develop security architecture models that meet regulatory obligations, data protection requirements, as well as align with business security strategy and enterprise;
• Conduct security assessments, identify gaps in existing security architecture, and recommend changes or improvements;
• Assist in the development of the Business Continuity Plan and Disaster Recovery Plan (BCP / DRP).
• Identify and prioritize system functions required to promote continuous availability of critical business processes;
• Research information security standards, conduct system security analyses, and vulnerability and risk assessments;
• Identify integration issues and prepare effort estimates;
• Define and document how the implementation of new technology impacts the security posture of the current environment;
• Determine security requirements by evaluating business strategies and requirements;
• Define security strategies by specifying intrusion detection methodologies and necessary equipment;
• Effectively communicate with other team members, write reports on vulnerabilities, and raise awareness of the importance of security.

Your profile

Are you an esteemed IT Security Architect known for your ability to design robust security solutions? Are you in pursuit of an opportunity to propel your career forward?

The sky is the limit! If you have :

• A Bachelor's degree in Computer Science, Software Engineering, Computer Security, or a related field - a Master's degree in Computer Security is an asset;
• Experience with Azure / O365 Cloud and its security ecosystem (Defender / Sentinel);
• Excellent communication and presentation skills, with the ability to explain complex security concepts to both technical and non-technical audiences;
• Knowledge of common security frameworks such as ISO 27001, NIST, etc.;
• Familiarity with security tools such as vulnerability scanners, intrusion detection tools, etc.;
• Strong attention to detail and solid skills in analysis, organization, and task management;
• Security certifications (CISSP / CCSP / OSCP, etc.) (an asset);
• Since you will be regularly interacting with English-speaking colleagues and suppliers located outside of Québec, proficiency in both English and French (spoken, written, and read) is preferable.

Petal’s position on remote working

In our opinion, a company cannot claim to be modern, innovative and have the well-being of their team at heart, without attempting to integrate remote working to the level that their business model allows them to.

Petal employees continue to benefit from the option of teleworking up to the maximum flexibility permitted by the nature of the position and the smooth running of operations.

Our benefits

• A signing bonus of $1,000 for your remote work set-up;
• Compensation that recognizes your contribution;
• 4 to 6 weeks of paid vacation per year;
• 5 paid personal days per year ;
• A group RRSP / DPSP plan with employer contribution;
• A complete group insurance plan, from day 1
• An annual wellness allowance;
• Access to the Lumino Health telehealth application;
• Flexible work hours and more.

Petal is an active participant in the equal opportunity employment program, and members of the following target groups are encouraged to apply : women, people with disabilities, aboriginal peoples and visible minorities.

If you are a person with a disability, assistance with the screening and selection process is available on request.