Solution Architect (AppSec)
About the role
Position: Solution Architect (AppSec)
Location: Toronto, ON (Hybrid)
Employment Type: Full-Time
Total Experience: 10+ Years
Role Summary: Leads end-to-end design and governance of an AI-driven vulnerability detection and remediation platform, ensuring Zero Trust, compliance, auditability and secure SDLC integration.
Key Responsibilities:
• Define AI-driven AppSec reference architecture (Checkmarx + CI/CD + Agentic AI)
• Lead Zero Trust Architecture (ZTA) design (API security, identity, RBAC, ABAC)
• Define secure SDLC & DevSecOps frameworks
• Drive LLM-driven vulnerability detection and remediation governance
• Lead risk assessment, compliance mapping (PCI-DSS, SOX, OSFI, NIST)
• Oversee multi-agent decision governance (LLM judge, consensus controls)
• Ensure auditability (trace IDs, evidence logs, SIEM integration)
• Conduct AI/ML security risk reviews (model integrity, prompt injection, data leakage)
• Define policy for auto-remediation vs escalation thresholds
Required Skills:
• AppSec (SAST, SCA, DAST), API security, IAM
• Strong in Checkmarx / Snyk / Fortify ecosystem
• Zero Trust (NIST 800-207), cloud security (GCP/Azure)
• AI security (prompt injection, model abuse, LLM risk management)
• CI/CD (GitHub, Jenkins, GitLab)
AI/Agentic Expectations:
• Define agent orchestration strategy (multi-agent + judge model)
• Establish guardrails for AI decisions and suppression workflows
• Lead RAG-based knowledge integration for secure coding