We are looking for a Senior Authentication Security Architect (SASA). The SASA will be a key member of the Enterprise Security Strategy and Architecture team. The SASA will review enterprise Customer Identity and Access Management (CIAM) related initiatives and define security architecture. The SASA will collaborate with technology, business and other Information Security teams. The SASA will be responsible for evaluating emerging products and frameworks related to Identity and Authentication platforms to ensure the selected capabilities address the threat landscape, improve customer experience and integrate effectively in the BMO environment.
Define and author the standards, implementation guidance and technical standards focusing on establishing security controls and architecture from a CIAM perspective for all in-scope applications.
Partner with broader stakeholders in technology and business in defining and creating secure architecture strategies for any new solutions and products chosen in support of CIAM.
Work with the business to understand current controls and control deficiencies for applications, understand the interfaces and data flows for these applications, and risk-rank the applications for prioritization.
Ensure any threat intelligence data is used to establish a threat model, which can then be used to architect the authentication requirements for the applications.
Participate in the system specification review process to ensure system requirements can be translated into secure software architecture.
Identify and research relevant technologies, perform Proof of Concepts / Prototypes, and recommend applications of such technologies to future product architectures.
Proactively identify and implement strategies to improve reliability, leveraging automation wherever possible.
Leverage metrics and analytics to gain insight for planning, design and management to facilitate the identification of improvement opportunities.
Lead and facilitate the design of technology projects and applications.
Support and influence the achievement of the mission, goals, and objectives of the department and Bank.
Develop and recommend productivity aids in all aspects of assignments to accelerate delivery.
Must have, at a minimum, a Bachelor’s degree in Computer Science, Engineering, Information Systems or a related area.
Deep technical and system-level expertise in one or more areas of information security, at a minimum including security architecture, application security, threat modeling, etc.
Expert knowledge of computer or network systems, hardware and software theory, practice, concepts and technology relevant to organizational vision.
Experience in engaging and influencing business, technology and security leaders / stakeholders.
Possesses a deep understanding of, and problem-solving ability in, Information Technology of various scale, degree and dimension of complexity.
Proficient in the techniques that go into producing designs of complex systems, including requirements discovery and analysis, formulation of solution context, identification of solution alternatives and their assessment, technology selection, and design configuration.
Working knowledge of technical areas such as data warehouses, mainframes, networks, applications, etc.
Working knowledge of the technology domain the architecture is being developed for, e.g. databases, product, service, etc.
Required Technical Skills:
Minimum 10 years of technical Information Security experience with a focus on Payment Systems security architecture.
A minimum of 1 Information Security certification is required, e.g. CISSP, CISSLP, CCSP, CEH, GIAC, etc.
Good understanding of development architecture such as API, web services, etc. Experience with digital wallet is desirable.
Good understanding of concepts and protocols such as OAuth, OIDC, open banking, etc.
Understand the strategic technical direction of:
Continuous Integration and Continuous Deployment
Enterprise Data & Access Layers
Pertinent Styles of computing
Experience in identifying risks or issues with technology solution and design which may impact realization of project benefits, and in providing guidance and support to stakeholders in making good decisions to proactively resolve or mitigate potential risks or delays to the project.
Experience in providing sufficient guidance for the secure implementation of solutions to mitigate any negative impact on Technology and Enterprise budget.
Experience in ensuring that chosen technology is flexible, supportable and requires minimal maintenance.
Ability to review technical and architectural designs and make recommendations for improvements.
Ability to review vulnerability testing, risk analyses and security assessments.
Telecommuting is allowed.
Internal Number: 1900008263
About Bank of Montreal
Serving customers for 200 years and counting, BMO is a highly diversified financial services provider – the 8th largest bank, by assets, in North America. With total assets of $807 billion as of January 31, 2019, and a team of diverse and highly engaged employees, BMO provides a broad range of personal and commercial banking, wealth management and investment banking products and services to more than 12 million customers and conducts business through three operating groups: Personal and Commercial Banking, BMO Wealth Management and BMO Capital Markets. We serve Canadian clients through BMO Bank of Montreal®, our personal and commercial banking business, BMO Nesbitt Burns®, one of Canada's leading wealth management firms, and BMO Capital Markets™, our North American investment and corporate banking division. In the United States, clients are served through BMO Harris Bank, a major U.S. Midwest personal and commercial bank, and BMO Private Bank, with wealth management offices across the United States, as well as BMO Capital Markets™, our North American investment and corporate banking division. We help our customers make money make sense by delivering the broadest range of financial services through a single point of contact. Our financial service professionals provide access to any services our customers require across the entire enterprise.