Security Advisor
Job Description
Our client seeking a proactive and business-minded Security Advisor to join their cybersecurity
team. The good candidate will play a critical role in ensuring security is embedded by design,
providing strategic and tactical guidance to projects and business units, and enabling secure
digital transformation while aligning with enterprise objectives.
This role bridges the gap between
technical security and business enablement, ensuring risk is managed without hindering
innovation.
Requirements:
• Advise project and product teams on security best practices during the design, build,
and deployment phases, ensuring security is embedded early and consistently.
• Serve as a trusted advisor to the business, understanding strategic goals and providing
pragmatic security solutions that enable rather than block innovation.
• Review and assess new and ongoing technology initiatives to ensure security
requirements are met, risks are understood, and mitigations are in place.
• Support project delivery teams in meeting compliance with internal security policies,
industry standards, and regulatory obligations.
• Contribute to developing and maintain security design principles, blueprints, and
reusable patterns that guide teams in implementing secure systems.
• Lead and participate in threat modeling, architecture reviews, and risk assessments
across projects, technologies, and business processes.
• Act as a liaison between security, IT, and business stakeholders to ensure security
strategies and business objectives remain aligned.
• Champion a “shift-left” security approach, driving awareness and ownership of security
across technology and business functions.
• Provide input into the security governance framework, contributing to the creation and
enhancement of policies, guidelines, and control frameworks.
• Stay informed on evolving security risks, business trends, and emerging technologies,
and proactively assess their potential impacts on the organization.
• Promote a culture of secure innovation, advocating for balanced risk-taking supported
by strong security foundations.
Education & Experience:
• You hold a Bachelor’s or Master’s degree in Information Security, Computer Science,
Information Technology, or a related field.
• You bring at least 5 years of experience in information security, with strong experience
in security advisory, secure project delivery, or security architecture consulting.
• Experience working in enterprise or complex environments, particularly in a
consultative capacity with stakeholders across IT, business, and risk functions.
Qualifications:
• Strong knowledge of information security principles, frameworks, and standards such
as ISO 27001, NIST CSF, OWASP, and secure SDLC methodologies.
• Familiarity with business analysis and understanding of how to align security decisions
with business objectives, risk appetite, and regulatory compliance.
• Demonstrated experience supporting cloud, application, and infrastructure projects
from a security perspective.
• Ability to articulate and balance risk and value, delivering security guidance that
supports project velocity and enterprise priorities.
• Experience in conducting or reviewing threat modeling, data classification, and
security architecture reviews.
• Relevant certifications are a plus: CISSP, CISM, SABSA, TOGAF (with security focus),
CCSP, or equivalent.
Soft Skills:
• You are a confident communicator with the ability to influence technical and business
stakeholders at various levels.
• You bring a pragmatic and solutions-oriented approach to security, focusing on
outcomes over obstacles.
• You demonstrate strong advisory and consulting skills, with the ability to translate
security requirements into actionable and understandable guidance.
• You have excellent collaboration and interpersonal skills, working effectively with
cross-functional teams in a matrixed environment.
• You can manage multiple priorities with precision, operating both strategically and
tactically as needed.
• You are fluent in English, French language is a plus.
