Job Title

Job Title: Senior Specialist, Cloud Security Assessment Closing Date: April 03, 2026, 12:00 p.m. (Eastern Standard Time) Location: Downtown, Toronto Employment Type: Full-Time Salary: $123,833 to $170,184 Consider Your Role with Aliant Resources and Our Municipal Government Client - The City of Toronto About Us: Aliant Resources is a dedicated provider of IT staffing services, committed to promoting diversity, equity, inclusion, belonging, anti-racism, and accessibility in all facets of our operations. Job Description: The Senior Specialist, Cloud Security Assessment will be responsible for supporting the Chief Information Security Officer (CISO) in executing the Citys cyber vision, strategy, and goals. The primary focus will be on advising and delivering technical expertise related to cloud security initiatives across the Citys divisions, agencies, and corporations. This role will involve the development, implementation, and continuous improvement of cloud security measures, engaging with teams to enhance the cyber security posture of cloud environments. The Senior Specialist will provide senior-level guidance, subject matter expertise, and operational support within the Cyber Architecture and Application area, ensuring the cloud infrastructure is both secure and compliant with best practices and regulatory requirements. Major Responsibilities: Assist with the secure design, implementation, and management of security cloud solutions for the City, ensuring the protection of critical data and systems in the cloud environment. Conduct security assessments, threat modeling, and architecture reviews of existing cloud architectures, identify cyber security gaps, and recommend solutions to enhance cloud security posture. Provide leadership and direction in the research, design, planning, and execution of cloud security initiatives to address emerging threats and trends related to generative/Agentic AI, data usage, access governance, monitoring, and misuse, and advising stakeholders on secure and responsible adoption of AI technologies in cloud environments. Provide subjectmatter expertise in PCIDSS compliance within cloud environments, supporting PCIDSS scoping, control validation, evidence review, and remediation guidance for cloudhosted payment systems and integrated thirdparty services. Collaborate with cross-functional teams to ensure the secure adoption and operation of secure cloud services, while identifying areas of improvement for ongoing cloud security practices. Assist in developing, documenting, and enforcing cloud security policies, standards, and guidelines. Ensure alignment with industry best practices, frameworks, and regulatory compliance requirements through comprehensive security assessments and collaborative discussions Assist the technology team in implementing robust security controls in cloud environments, safeguarding against potential cloud-specific vulnerabilities. Offer training and mentorship to internal teams, promoting the adoption of cloud security concepts and best practices, including network security and data protection in the cloud. Drive alignment between business and technical teams on cloud security priorities and initiatives, ensuring seamless execution of cloud security programs. Stay informed on the latest cloud security developments and trends to proactively recommend improvements and ensure the organization remains ahead of potential threats. Provides direction, leadership and guidance to project teams, assigned project staff and contract resources. Oversees and reviews their work. Provides input into assigned project budgets, ensuring that expenditures are controlled and maintained within approved budget limitations. Provides subject matter expertise and strategic advice on cyber security issues affecting the organization, identifying potential exposures, and conducting reviews to ensure that undesirable effects are detected, mitigated and/or corrected, and providing pragmatic advice to clients to ensure that cyber risks are managed appropriately. Serves as the internal/external point of contact and subject matter expert in their respective function. Determines cyber security requirements of business strategies in order to provide appropriate advice, guidance, and technical solutions. Provides leadership in the evaluation, selection and recommendation of technical solutions and professional services. Identifies and evaluates emerging security technologies. Participates in the development of transformation strategies focused on security, integrating and managing new or existing technology systems to deliver continuous operational improvements and detect, respond, and remediate threats. Resolves cyber risk issues. Escalates significant cyber risk matters to senior management when required. Deals with confidential information affecting the organization and its resources. Prepares and presents reports to management supporting recommendations on changes/improvements in business processes, training and services standards that impact appropriate staffing levels and resource allocation. Makes recommendations based on investigation results which could lead to the discipline or dismissal of staff. Provides project coordination and management support, and ensures comprehensive and effective information communication across various functional and project teams. Provides support in the design, implementation, maintenance, and enforcement of policies, procedures, and controls. Prepares and/or supervises the preparation of various formal contractual documents such as Request for Information/ Proposal/Quotation, Statement of Work, Memorandum of Understanding and Service Level Agreements. Maintains accurate reporting of key risk metrics and associated measurements in alignment with the cyber risk appetite. Builds and maintains strong relationships with internal and external stakeholders. Establishes relationships with strategic partners, collaborating on the advancement of cyber programs. Key Qualifications: Post-secondary degree in Business or Technology or a related discipline Extensive experience in cloud security assessments, threat modeling, and cloud architecture reviews Strong understanding of cloud security frameworks (NIST, CSA CCM, CIS, ISO 27001, PCI-DSS etc.) Handson implementation experience with cloud data platforms Indepth knowledge of cloud platforms (AWS, Azure, Google Cloud) Strong knowledge of SSE, CASB, CSPM, CNAPP, CWPP and cloud IAM Experience with serverless, container hosting and orchestration services Strong knowledge of security practices in large, complex environments Preferred Certifications (minimum two): CISSP, CCSP, CCSK, TOGAF, ISO 27001 LA, CRISC Skills Ability to work in transformative programs. Ability to lead efficient communication between all project stakeholders, including internal teams and clients. Ability to achieve business objectives through influencing and effectively working with key stakeholders. Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors. Excellent problemsolving skills with capability to identify solutions to unusual and complex problems. Keen attention to detail and strong organizational skills. Highly organized, proactive, selfmotivated team player who takes initiative and is able to work independently. Ability to work in a fastpaced environment managing multiple priorities with proven time management skills. Strong analytical skills and ability to prioritise and multitask. Ability to prioritise and effectively manage competing priorities and projects. Ability to manage multiple initiatives while adhering to strict deadlines. Able to work extremely well under pressure while maintaining a high level of professionalism. Selfmotivated person with desire to go above and beyond tasks. Transferable skills, like communication and decisionmaking, are equally important. Being able to think on your feet and show good judgment are especially valuable in this field. Security pros should always be ready to react to cyberrelated incidents quickly. Additional Information A normal work week is 35 hours, however, unforeseen situations may require extended hours with little or no prior notice. In case of a cyber incident or breach, rotation shift and continuous extended hours may be required. Subject to a police check, background check, psychological assessment and/or other checks due to handling highly sensitive and confidential information. Diversity Statement At Aliant Resources, we are committed to building a workforce that reflects the communities we serve and to promoting a diverse, antiracist, inclusive, accessible, meritbased, respectful, and equitable workplace. Accessibility Statement Aliant Resources is dedicated to making our recruitment process accessible to everyone with or without a disability. We adhere to workplace accessibility standards to ensure that individuals with disabilities can fully participate in employment opportunities. We understand the importance of identifying and removing barriers, and we strive to provide an inclusive experience for all candidates. Workplace Accommodations We offer workplace accommodations throughout the recruitment process and all aspects of employment consistent with the requirements of the AODA and OHRC. If you require workplace accommodations due to a disability, injury, illness, or any other condition that may affect your ability to apply online or perform essential job functions, please reach out to us at [email protected]. Your request will be answered, and we will collaborate with you to provide appropriate workplace accommodations as required. How to Apply You must apply online here on LinkedIn. Your resume should not exceed three (3) pages. #J-18808-Ljbffr