Job Description
Vancity is a member‑owned credit union built on the principles of inclusion and social justice. A relentless commitment to their values has helped them challenge the status quo and break down barriers since day one in 1946. They have bold commitments to make Vancity net‑zero by 2040 across all mortgages and loans and are pursuing strategies on Indigenous banking and to improve the financial resilience of their members.
Vancity is the largest private‑sector Living Wage Employer in Canada and has been consistently recognized as one of the Top Employers in Canada. If you’re interested in joining their team of 2,700 diverse individuals and accessing competitive rewards and benefits, all while knowing you are part of a greater movement, then apply today!
Your Role in Supporting Our Members
As Enterprise Security Architect at Vancity, you’ll play a pivotal role in shaping and delivering enterprise‑wide cybersecurity initiatives. You’ll lead the design and implementation of secure solutions, guide junior architects, and collaborate with cross‑functional teams to embed security into business and technology strategies. This role offers the opportunity to influence enterprise architecture, contribute to policy development, and support a risk‑based approach to protecting Vancity’s digital assets – all while staying at the forefront of evolving cyber threats and regulatory standards.
This is a permanent, full‑time role that will enjoy hybrid working arrangements. Our head office is based in Vancouver, but we are open to candidates in BC and Ontario. While this position provides a hybrid work arrangement, you will be expected to be on‑site for events and business demands when needed.
How You'll Make an Impact
Design and establish enterprise application security architecture frameworks, patterns and reference models aligned with business objectives and risk tolerance
Lead architecture reviews of applications and systems to identify security gaps and recommend appropriate controls
Architect security solutions for authentication, authorization, encryption, and secure communication channels
Develop and maintain security baselines, standards, and patterns for different technology stacks (web, mobile, API, microservices) and deployment models
Integrate security architecture principles into CI/CD pipelines to support DevSecOps initiatives
Contribute to the development of enterprise security documentation such as policies, standards, baselines, guidelines, and procedures
Provide mentorship and direction to junior security architects
Manage and participate in the Application Security Champions program
Collaborate with project leads to define requirements, design controls, and implement scalable security services aligned with Vancity’s cybersecurity vision
Partner with business units and enterprise architecture teams to deliver risk‑based security guidance and support an integrated security service portfolio
Assess security risks across programs, projects, and operational processes, and recommend architecture remediation strategies
Stay current on cyber threats and emerging technologies to inform investigation techniques and enhance incident response capabilities
What you’ll bring to the team
Bachelor’s degree in STEM, Computer Science, Engineering, or a highly related field
12+ years of experience in IT and/or Information Security
5+ years Secure Application Architecture experience developing and maintaining security baselines, standards, and patterns for different technology stacks (web, mobile, API, microservices) and deployment models
8+ years hands‑on Secure Software development & DevSecOps experience within a formalized SSDLC
Extensive knowledge and experience of secure coding practices and working with SAST, DAST, SCA, IAST tools
Experience in designing secure architectures e.g. networking, Cloud, IDP, API, tokenization, Identity management (OAuth2, OIDC, SAML), Zero trust Architectures, etc.
Strong understanding of security controls across all layers of the OSI model
Extensive Threat modelling experience
Penetration testing experience backed up with relevant certifications e.g. OSCP, GPEN, etc.
Experience designing secure systems and integrations with enterprise applications
Awareness of Canadian regulatory environments (e.g., OSFI, PIPEDA) and their impact on security programs
Experience securing public cloud offerings (Azure is preferred) with relevant Cloud/Security certifications
Information Security Certifications in one or more of the following is required: CISSP, CCSP, GISP, GSE
Information Technology Certifications in one or more of the following will be an asset: TOGAF, SABSA, CSSLP, GIAC GWEB/GCSA/GWAPT/GDSA/GCSA, Azure Architecture/Security certs
Experience with or knowledge of PCI DSS 4.2, ISO 27001, NIST CSF and NIST 800‑53 control frameworks is highly desired
Strong stakeholder engagement and communication skills across technical and non‑technical audiences
You’ll Thrive Here If You Are
A Strong Communicator – you use your strong communication and interpersonal skills to create clear understanding of expectations and represent the team across the organization through clear and confident communication
Organized & Systematic – your planning and coordination skills develop solid operating plans, processes, methods and standards for a unit and help coordinate delivery of critical information in a timely manner
Analytical & Decisive – with your strong problem solving and decision making skills, you can diagnose challenges and issues; develop innovative investigative solutions; and assess risks and opportunities that may affect the information security team
Self Motivated – you are a self‑motivated and inquisitive individual that takes initiative to follow through and deliver results without continuous supervision
What You’ll Earn
This role offers a salary range of $140,000 - $170,000. The base pay offered may vary depending on factors such as relevant qualifications, skills, previous experience, and internal equity. As part of our total rewards package, employees may also be eligible for our annual incentive program, subject to program eligibility requirements.
Why You’ll Love Working Here
A career at Vancity is more than just a job, you’re joining a tradition of change‑makers who are creating lasting change for our communities. Beyond base pay, we offer a comprehensive total rewards package to ensure our employees are empowered to thrive:
Living Wage Employer : We’re the largest private‑sector Living Wage Employer in Canada and consistently ranked among Canada’s Top Employers
Customizable Benefits : Permanent employees receive flexible benefit packages that can be tailored annually to meet evolving needs
Generous Vacation : New employees start with 3-4 weeks of vacation per year, with additional days earned over time
Extra Stat Holidays : In addition to BC’s 11 statutory holidays, we offer 2 extra days, plus care days for personal or family illness
Immediate Health Coverage : Health and dental benefits begin on your hire date, with three levels of coverage to choose from
Defined Benefit Pension : Our retirement plan provides a guaranteed income for life, recognizing that retirement looks different for everyone
Vancity Talent Programs
Vancity supports an inclusive hiring process for candidates who self‑identify as Indigenous, Black, or Trans. With special permission from the BC Human Rights Commissioner, this initiative provides access to career development opportunities, prioritized job screening, and feedback. Any information you choose to share will be stored securely and used only for recruitment and career development connected to this initiative, in line with the BC Personal Information Protection Act (PIPA). For details, please see our dedicated Talent Programs job posting.
Please note
As part of our standard recruitment and background‑check procedures, employment references, credentials, and relevant certifications may be checked and verified.
#J-18808-Ljbffr
