Description

Join us in cultivating a collaborative workplace driven by unique perspectives. We’re proud PwC advances a culture that helps everyone to thrive. It's one of the reasons we're recognized as a "Top Company" to work for in Canada. As you ignite a meaningful career and build a network that’ll last for life, you'll work with people from diverse backgrounds and industries to help solve important problems, empowered by technology to turn today's ideas into tomorrow's solutions. We cultivate an environment in which our differences are embraced and our people feel comfortable bringing their whole selves to work. An empowering and diverse environment starts with you. Are you ready to get started?

A career within Cyber, Privacy and Financial crime (CP&FC) services, will provide you with the opportunity to help organizations develop and execute strategies to mitigate and manage cyber risk to their business in complex technology environments.

A role within the Cloud Security Practice, will provide you with the opportunity to assist leading organizations on their cloud journey with developing and implementing innovative cyber strategies for Cloud and re-imagine how security gets delivered in and for cloud. We take a “risk based” approach when designing strategies and delivering technology with an agile operating model. Our mindset is to always look for opportunities to re-engineer legacy security with a fit-for-cloud design. We assist our customers to embrace multi-cloud, hybrid-cloud, confident adoption risks are addressed along the way.

Joining this growing team will allow you the opportunity to shape, scale and provide leadership to a group of highly skilled cloud Security architects, engineers, and governance leads. You will be able to combine your consulting, technical and industry expertise to build and deliver security in the new cloud world with evolving operating models and a completely new portfolio of tools and technologies at disposal.

With a multi-platform (Azure, AWS, GCP, SaaS) focus you will collaborate with internal teams and customers to develop secure hybrid cloud architectures, deliver DevSecOps transformation strategies , customized Managed Cloud Security services and Engineer secure platform controls.

Important points to consider

COVID-19 Vaccination Policy: Putting the safety of our people and clients first as we look to a hybrid future: The health, well-being and safety of our colleagues, clients, and communities is our number one priority. Vaccinations have proven to reduce the risk of COVID-19. Effective Friday, October 1, 2021, PwC Canada requires all partners, staff, contractors and visitors to be fully-vaccinated when entering a PwC location, subject to applicable legal exemptions. At PwC, the future ways of work will be a hybrid of in-person and virtual, allowing choice and flexibility to explore new ways of working and collaborating. Read this press release for further details.

Location flexibility:This role has the option of being based anywhere in Canada.

What you’ll create and do

As a Cloud Security Engineering Director, you'll work with the CP&FC, Cloud Engineering Group and lead a team of Cloud security SMEs and Cyber specialists, leveraging emerging Cloud technology services and Enterprise security solutions to build and deliver advanced and innovative CloudSec services from strategy to execution.  As a Director, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Responsibilities include but are not limited to:

Relationship Management - 10%

Customer / Project Meetings - 15%

Team Coaching, Recruiting, and Mentorship - 20%

Implementation, Innovation (building), and Learning - 55%

Relationship Management

Manage and grow a collection of new and existing client relationships, helping to drive new opportunities.

Maintain relationships with fellow colleagues.

Customer Success

Collaborate with cross functional team members to develop and propose to potential customers technical cloud security based solutions including proposals and statements of work.

Help others think critically and educate non-technical audiences and stakeholders on complex technical solutions both orally and in writing.

Assist to develop reference architectures and secure best practice approaches to optimize and secure clients’ cloud adoption.

Articulate value propositions, business and technology justifications, and architectural decisions.

Analyze business and technical requirements and translate to designs and approach.

Participate in meetings and discussions with internal and external customers.

Identify and prioritize use cases for implementation.

Identify technical requirements for the identified use cases and build an implementation plan.

Deliver presentations and technical demonstrations to customers and to the community at industry events.

Coaching, Recruiting, and Mentorship

Collaborate with team members and foster an environment where technical professionals can develop their skills and grow their careers; taking on increased responsibility and adding value to the organization.

Recruit and develop a highly capable cloud Security Architecture & engineering team, provide coaching and foster an environment where technical professionals can develop their skills and grow their careers; taking on increased responsibility and adding value to the organization.

Provide coaching and mentoring to fellow team members.

Implementation, Innovation (building), and Learning

Develop reference architectures and engineering best practice approaches to make security nimble and integrated for clients’ cloud adoption.

Provide technical and go to market leadership focused on asset driven cloud based solutions and services, collaborate and lead development focused teams members to engineer and automate security controls for multi-cloud, hybrid-cloud architectures.

Identification and build of reusable and repeatable cloud-based patterns and artifacts that the practice can bring to market.

Implementation of cloud agnostic use cases leveraging cloud provider and 3rd party tools to deliver business outcomes for customers based on the identified requirements.

Develop new and existing internal and external client relationships leveraging innovative methodologies, practices, tools and assets to address key market trends and challenges.

Take an “always learning” approach to your role, continuing to advance your skills, knowledge and network in Cloud Security.

Cloud moves fast and requires a lot of “labbing and learning”, be an out of the box thinker; look for opportunities to learn new software and technology.

Maintain up-to-date knowledge on AWS / Azure / GCP security offerings in addition to standard Cloud security solutions.

Be an active member in the technology community, provide thought leadership and mentorship, share your knowledge and expertise.

Leadership

Lead initiatives identified to shape the foundation for the cloud Security engineering practice, refine resource requirements, project workflow, operating budget requirements.

Develop new and existing internal and external client relationships leveraging innovative methodologies, practices, tools and assets to address key market trends and challenges.

Collaborate with senior leadership to define, develop and implement the strategic direction and focus on emerging trends, threats and opportunities in Cloud security space.

What you’ll bring to this role

An interest in upskilling for a digital world and technology trends, an openness to learning new tools and adapting how you work.

A demonstrated commitment to valuing differences, developing and coaching diverse teams, and ensuring diverse perspectives are heard.

An interest to continuous upskilling for a digital first world and embrace technology trends, an openness to learning new tools and adapting how you work.

A demonstrated commitment to valuing differences, developing and coaching diverse teams, and ensuring diverse perspectives are heard.

Relevant years’ experience working as Cloud /DevSecOps Engineering manager, lead Architect or related capacity.

Demonstrated experience in engineering and modernizing cloud security controls, secure design, Implementation of Cloud Provider security best practises, project execution, practice management and an understanding of Security and Compliance frameworks for Cloud.

Extensive experience in development and execution of cloud security programs working across functional teams including: Enterprise Architecture, Platform Engineering, Office of CISO, Privacy, Governance and Management CoEs.

Experience in a technical leadership capacity to implement and secure cloud based projects with a specific focus on the following:

Secure Cloud architecture leading practices and patterns, the development of cloud foundational and advanced Technical, Operational and Governance controls across security domains. Domains include: Identity and Access Management, IaaS/PaaS/CaaS/Serverless services, Apps/API security, DevSecOps, Data Security and Crypto, Network Security, Logging and Monitoring

Cloud Security Maturity and Privacy Frameworks

Change management practices including organizational models, roles / responsibilities and technology tooling and automation

Full Stack Pen testing and Threat Modeling for Cloud services and Applications

Experience delivering in waterfall, scrum, agile, and other methodologies.

Good oral and written communication skills, including developing business presentations, technical writing and facilitating data driven options analysis, senior level stakeholder discussions with an ability to express complex technical concepts in terms that are understandable to the business.

Technical experience in many of the following areas:  

Azure/AWS/GCP Solutions Architect

GCP Professional Cloud Security Engineer

Azure Security Engineer

AWS Security Specialist

Azure/AWS/GCP DevSecOps

NIST/CSA/CIS/PCI Controls 

HashiCorp Security Automation

Pentesting and Threat Modeling in Cloud

CSPM / CWA / CASB / Cloud Native SIEM/SOAR platforms

Infrastructure as code - Terraform, Ansible, ARM templates, etc

Configuration management - Ansible, Puppet, Chef, Saltstack, etc

CI/CD - Jenkins, Tekton, ArgoCD, Flux

Linux / Unix shell

Git and various git platforms (GitHub, GitLab, BitBucket, etc)

Application monitoring and alerting

Application migration and modernization (microservices etc)

Technical presentations and public speaking engagements