You belong at Day & Ross.

Information Security Architect

Full-Time

Canada (On-site)

Reporting to the Director, IT Cybersecurity, the Information Security Architect is responsible for the development and oversight of security architecture, relevant security design requirements involved in new initiatives, modification and ongoing support of existing objectives and initiatives. The Information Security Architect must work with IT business partners as well as IT professionals in evaluating Information Security risks and implementing security controls across the organization.

How You'll Help:

• Act as acore contributor to Day & Ross’s Enterprise Architecture maturity, establishing and governing adefined and repeatable Security Architecture practicealigned with Enterprise Architecture and organizational strategy.

• Own theSecurity Architecture domainwithin the broader EA model, ensuring security principles, standards, and patterns are consistently embedded acrossapplications, infrastructure, cloud, data, and IoT platforms.

• Define and maintainsecurity architecture artifactsappropriate to a mature EA function, including:

  • Security principles and policies
  • Target‑state and transition architectures
  • Reference architectures and reusable security patterns
  • Architecture decision records and design guardrails

• Integratesecurity architecture into delivery lifecycles(initiative intake, solution design, SDLC / DevSecOps), ensuring security is addressedby design rather than by exception.

• Leadsecurity architecture reviewsfor new initiatives and material changes, providing authoritative guidance on design decisions, risk trade‑offs, and alignment with enterprise standards.

• Translateenterprise risk assessments, threat models, and regulatory obligationsinto actionable architectural requirements and remediation roadmaps.

• Contribute to the evolution of anEnterprise Security Architecture operating model, including governance forums, design review processes, and metrics that demonstrate architectural effectiveness and risk reduction.

• Design and governIoT and telematics security architecturesat enterprise scale, ensuring secure device identity, lifecycle management, connectivity, and integration with core enterprise systems.

• Partner with Enterprise Architecture, Security Operations, and Governance teams to ensure architectural standards areimplementable, enforceable, and measurable.

Your Skills & Experience:

-7+ years of experiencein information security, withhands‑on responsibility for Security Architecturewithin medium‑to‑large enterprise environments focused on cloud security.

• Proven experience operating within aformal Enterprise Architecture function, contributing to the transition fromad‑hoc security decisions to standardized, repeatable architecture practices.

• Demonstrated ability todefine and govern security architecture artifacts, including principles, standards, reference architectures, and target‑state roadmaps.

• Strong practical experience applyingarchitecture‑centric security frameworkssuch asSABSA, NIST CSF, ISO/IEC 27001/27002, and Zero Trust—translating them intoconcrete architectural designs, not just compliance mappings.

• Experience conductingarchitecture‑level risk analysis and threat modeling, and using those outputs to drive design decisions and prioritization.

• Broad understanding ofenterprise technology domains(networks, identity, cloud, applications, data platforms) and how security architecture patterns apply consistently across them.

• Experience influencing architecture outcomes throughdesign reviews, standards enforcement, and stakeholder collaboration, rather than operational authority alone.

• Relevant certifications such asCISSP‑ISSAP, SABSA SCM, CISM, or SANS Architecture‑focused credentialsare strong assets.

• Ability to operate effectively in an organizationmaturing its Enterprise Architecture capabilities, balancing progress with pragmatism.

• Experience intransportation, logistics, or highly operational environmentsis a strong asset.

Assets:

• Experience designing and governingIoT security architecturesat scale, including device identity, authentication, lifecycle management, and secure enterprise integration.

• Familiarity withIoT and industrial security standards(e.g., NIST IoT CSF, IEC 62443) and their application within an enterprise architecture context.

Measures of Success:

-Security Knowledge: An understanding of various security control requirements, functional and conceptual designs, technical and administrative controls, and implementation approaches. -**Risk Management:**ability to identify and address information security risks not covered by the security architecture, assign the correct management recommendations including mitigating controls. -**Stakeholder Management:**Ability to work and communicate with a broad range of both technical and non-technical internal stakeholders.

Additional Information

• Key internal relationships: Information Technology staff and management. Some business stakeholders.

• Occasional travel within Canada (Toronto, Ontario and/or Florenceville, New Brunswick, etc.) and USA may be required.

• Job primarily performed in a standard office environment, however, work from home is available with manager approval.

To apply, visit our Careers page atdayross.com.

If you’re chosen for the role, you’ll be asked to provide reference and criminal background checks before employment. You’ll only be contacted if you’re selected for an interview.

About Day & Ross

From a single truckload of potatoes in the 1950s to a fleet of thousands, Day & Ross has grown to become one of the largest transportation and logistics providers in North America. With over 7,500 team members on and off the road in the US and Canada, we offer a diversified portfolio of freight and delivery solutions, including LTL, Truckload, Residential, Dedicated Fleet Solutions, and Logistics.

We believe our people are our greatest strength. For over a decade, we’ve been recognized as one of Canada’s Best Managed Companies. We’ve also been named a Top Company for Women to Work for in Transportation since 2018. Our recognition reflects the family values we share with our parent company, McCain Foods Limited.

As a federally regulated employer, Day & Ross fully supports the principles of employment equity and encourages all qualified members of the designated groups to apply. Day & Ross is committed to ensuring equal access and participation for people with disabilities and meeting their needs in a timely manner. We will do so by removing and preventing barriers to accessibility and by meeting our accessibility requirements under Accessible Canada Regulations and in alignment with our business practices, capabilities, and values.

#LI-MR1 #LI-Onsite