Director, Technology Security Architect

Job Number: J0426-0093

Category: Information Technology

Employment Type: Contract

City: Toronto

Posting Date: April 14, 2026

Closing Date: April 21, 2026

Company Information

CIBC Mellon is a leading provider of asset servicing solutions to institutional investors in Canada, including multi-currency accounting, fund valuation, and investment information reporting. We are passionate about providing exceptional client service backed by our culture of innovation and success. Our outstanding employee experience will provide you with opportunities to learn and grow professionally while supporting the communities in which you live and work.

We are a diverse and dynamic workplace where employees take an active role in delivering on strategic objectives while advancing their individual career goals. We encourage innovative thinking and give our employees the support and resources they need to turn great ideas into actions.

We’re always looking for talented people who can make a meaningful difference for our clients, our company and our communities. To learn more about why our employees love coming to work each day, visit www.cibcmellon.com/experience.

Position Overview

Reporting into the Assistant Vice President, Enterprise Security, the Director, Technology Security Architect, will be responsible for designing, implementing, and maintaining the organization’s security architecture to protect critical information assets and systems. This role involves developing security standards, best practices, and innovative solutions that align with business objectives and regulatory requirements. The Information Security Architect collaborates with IT, business units, and stakeholders to assess risks, recommend enhancements, and ensure the effective integration of security into all technology initiatives. The ideal candidate demonstrates deep technical expertise, strategic vision, and strong leadership skills to proactively address emerging threats and safeguard the organization’s digital environment.

Responsibilities

• Manages the design and implementation of security architecture and related standards, platforms and tools across the organization. Ensures projects and programs adhere to technology security standards and align with financial service industry expectations including those of our parent organizations.
• Works closely with IT, business units, and third-party partners to understand requirements, communicate risks, and ensure security is embedded in all technology projects and operational processes, providing architectural guidance during system development and integration.
• Define and run security architecture assurance for developed or outsourced solutions (including SDLC controls and deliverable expectations). Required artefacts: threat model, data flow diagram, security requirements, control mapping, exception/risk acceptance paperwork.
• Evaluate, identify, assess, and prioritize security risks across systems, networks, and applications. Provides input on security technologies and tools, such as firewalls, intrusion detection/prevention systems, encryption, and identity management solutions. Oversee threat modeling (STRIDE or equivalent) for new solutions and major changes.
• Serves as a member of the Architectural Review Board (ARB) at CIBC Mellon, which oversees technology standards and approves new products and systems architecture; Supports security governance responsibilities as a 2LoD function and participates on equivalent governing bodies at CIBC and BNY Mellon to ensure adequate representation for the organization.
• Provides input on security policies, standards, and guidelines to ensure security programs controls meet regulatory, legal, and audit requirements. Support internal and external audits as needed.
• Stays current with industry trends, emerging technologies, and evolving threats and vulnerabilities. Recommend and implement continuous improvements to the security posture. Advise on proactive measures and support incident response and investigation activities.
• Support the development and delivery of security awareness programs to educate employees and stakeholders on security risks and responsibilities.

Qualifications

• University degree in a technology discipline with a professional security certification (eg: CISSP, CISM, CCSP, SABSA / TOGAF)
• 7+ years of progressive IT experience, with demonstrated expertise in multiple systems environments
• Familiarity with frameworks and standards such as NIST, ISO 27001, OWASP, regulatory requirements (e.g., PCI DSS, GDPR, SOX).
• Ability to produce and review: security architecture documents, control matrices, threat models, data flows, security test strategies, exception records.
• Working knowledge of various security domains such as network protocols, firewalls, VPNs, IDS/IPS, network design, dev-sec-ops practices, IAM, vulnerability management, SIEM and AI security management
• Experience with securing cloud platforms (e.g., AWS, Azure, GCP), cloud security architectures, and cloud access security brokers (CASB).
• Excellent analytical, evaluative and problem-solving skills and ability to make sound, logical decisions
• Strong communication skills with an exceptional client service orientation

CIBC Mellon's Values

Get it Right Every Day: Deliver service excellence while always acting with the highest ethical standards

Put Clients at the Centre: Advocate for clients by listening, sharing knowledge, and bringing the right solutions forward

Be One Family: Challenge, empower and recognize your colleagues

Take Ownership: Speak up, speak out, and make things better

Job Specific Competencies

• The base salary range for this position is between $120,000 - $168,000 dependent on relevant experience.
• Please note, our recruitment process may include the use of AI-assisted tools.
• This role is for an existing opening.

CIBC Mellon is committed to taking all reasonable steps to accommodate the needs of all individuals. Should you require any accommodations during the recruitment and selection process, please speak with your Recruitment Consultant.