Information Security Architect

You belong at Day & Ross.

Information Security Architect

Full-Time 

Canada (On-site) 

Reporting to the Director, IT Cybersecurity, the Information Security Architect is responsible for the development and oversight of security architecture, relevant security design requirements involved in new initiatives, modification and ongoing support of existing objectives and initiatives. The Information Security Architect must work with IT business partners as well as IT professionals in evaluating Information Security risks and implementing security controls across the organization.

How You'll Help:

• Act as a core contributor to Day & Ross’s Enterprise Architecture maturity, establishing and governing a defined and repeatable Security Architecture practice aligned with Enterprise Architecture and organizational strategy.
• Own the Security Architecture domain within the broader EA model, ensuring security principles, standards, and patterns are consistently embedded across applications, infrastructure, cloud, data, and IoT platforms.
• Define and maintain security architecture artifacts appropriate to a mature EA function, including:
  • Security principles and policies
  • Target‑state and transition architectures
  • Reference architectures and reusable security patterns
  • Architecture decision records and design guardrails
• Integrate security architecture into delivery lifecycles (initiative intake, solution design, SDLC / DevSecOps), ensuring security is addressed by design rather than by exception.
• Lead security architecture reviews for new initiatives and material changes, providing authoritative guidance on design decisions, risk trade‑offs, and alignment with enterprise standards.
• Translate enterprise risk assessments, threat models, and regulatory obligations into actionable architectural requirements and remediation roadmaps.
• Contribute to the evolution of an Enterprise Security Architecture operating model, including governance forums, design review processes, and metrics that demonstrate architectural effectiveness and risk reduction.
• Design and govern IoT and telematics security architectures at enterprise scale, ensuring secure device identity, lifecycle management, connectivity, and integration with core enterprise systems.
• Partner with Enterprise Architecture, Security Operations, and Governance teams to ensure architectural standards are implementable, enforceable, and measurable.

Your Skills & Experience:

• 7+ years of experience in information security, with hands‑on responsibility for Security Architecture within medium‑to‑large enterprise environments focused on cloud security.
• Proven experience operating within a formal Enterprise Architecture function, contributing to the transition from ad‑hoc security decisions to standardized, repeatable architecture practices.
• Demonstrated ability to define and govern security architecture artifacts, including principles, standards, reference architectures, and target‑state roadmaps.
• Strong practical experience applying architecture‑centric security frameworks such as SABSA, NIST CSF, ISO/IEC 27001/27002, and Zero Trust—translating them into concrete architectural designs, not just compliance mappings.
• Experience conducting architecture‑level risk analysis and threat modeling, and using those outputs to drive design decisions and prioritization.
• Broad understanding of enterprise technology domains (networks, identity, cloud, applications, data platforms) and how security architecture patterns apply consistently across them.
• Experience influencing architecture outcomes through design reviews, standards enforcement, and stakeholder collaboration, rather than operational authority alone.
• Relevant certifications such as CISSP‑ISSAP, SABSA SCM, CISM, or SANS Architecture‑focused credentials are strong assets.
• Ability to operate effectively in an organization maturing its Enterprise Architecture capabilities, balancing progress with pragmatism.
• Experience in transportation, logistics, or highly operational environments is a strong asset.

Assets:

• Experience designing and governing IoT security architectures at scale, including device identity, authentication, lifecycle management, and secure enterprise integration.
• Familiarity with IoT and industrial security standards (e.g., NIST IoT CSF, IEC 62443) and their application within an enterprise architecture context.

Measures of Success:

• Security Knowledge: An understanding of various security control requirements, functional and conceptual designs, technical and administrative controls, and implementation approaches.
• Risk Management: ability to identify and address information security risks not covered by the security architecture, assign the correct management recommendations including mitigating controls.
• Stakeholder Management: Ability to work and communicate with a broad range of both technical and non-technical internal stakeholders.

 Additional Information

• Key internal relationships: Information Technology staff and management. Some business stakeholders.
• Occasional travel within Canada (Toronto, Ontario and/or Florenceville, New Brunswick, etc.) and USA may be required.
• Job primarily performed in a standard office environment, however, work from home is available with manager approval.

To apply, visit our Careers page at dayross.com.

If you’re chosen for the role, you’ll be asked to provide reference and criminal background checks before employment. You’ll only be contacted if you’re selected for an interview. 

About Day & Ross

From a single truckload of potatoes in the 1950s to a fleet of thousands, Day & Ross has grown to become one of the largest transportation and logistics providers in North America. With over 7,500 team members on and off the road in the US and Canada, we offer a diversified portfolio of freight and delivery solutions, including LTL, Truckload, Residential, Dedicated Fleet Solutions, and Logistics.    

We believe our people are our greatest strength. For over a decade, we’ve been recognized as one of Canada’s Best Managed Companies. We’ve also been named a Top Company for Women to Work for in Transportation since 2018. Our recognition reflects the family values we share with our parent company, McCain Foods Limited.

As a federally regulated employer, Day & Ross fully supports the principles of employment equity and encourages all qualified members of the designated groups to apply. Day & Ross is committed to ensuring equal access and participation for people with disabilities and meeting their needs in a timely manner. We will do so by removing and preventing barriers to accessibility and by meeting our accessibility requirements under Accessible Canada Regulations and in alignment with our business practices, capabilities, and values.

#LI-MR1 #LI-Onsite