Post Job Free
Sign in

Cloud Security Architecture

Location:
Laurel, MD
Posted:
May 07, 2025

Contact this candidate

Resume:

JEAN-ROMAIN BOTEMBE, MBA

Laurel, Maryland 301-***-**** linkedin.com/in/jrbotembe/ *********@*****.*** SUMMARY

Cybersecurity leader with 20+ years of progressive experience leading security initiatives across banking, government, and energy sectors. Proven expertise in risk assessments, cloud security architecture, vulnerability management, and information assurance, with a strong track record of delivering innovative solutions and fostering organizational resilience.

AREAS OF EXPERTISE

● Technical Skills: Security Architecture, Cloud Security, Incident Response

● Leadership Skills: Stakeholder Engagement, Security Advisory, People leadership

● Strategic Initiatives: Governance, Risk Mitigation, Digital Transformation WORK EXPERIENCE

Scotiabank Toronto, Ontario

Senior Lead, Cloud Security Application Solutions February 2022 - Present

● Lead security oversight and cloud risk assessments for complex enterprise initiatives across GCP and Azure environments.

● Conduct thorough Threat Risk Assessments (TRAs) and provide security guidance aligned with Scotiabank's standards and regulatory requirements.

● Advise development, architecture, and business teams on secure solution design, embedding security across the lifecycle of cloud applications.

● Review technical and security architecture to identify risks, define controls, and ensure alignment with Zero Trust principles.

● Support cloud governance by ensuring consistent use of security tools and remediation practices across lines of business.

● Collaborate with enterprise cloud, penetration testing, and IS&C teams to address risks and ensure a secure cloud footprint.

● Contribute to cloud security strategy by benchmarking controls, analyzing threat trends, and supporting the evolution of best practices.

Bell Canada Toronto, Ontario

Security Consultant September 2021 – February 2022

● Performed vulnerability assessments and application security testing across enterprise systems and networks.

● Managed multiple vulnerability programs, including execution, triage, and coordination of remediation activities.

● Validated findings and eliminated false positives to ensure accurate risk posture reporting.

● Collaborated with security architecture, application development, and infrastructure teams to remediate findings.

● Utilized AppScan and Tenable to perform technical security scans, interpret results, and develop actionable insights.

● Maintained and updated dashboards and GRC tools to track vulnerability trends, risk exposure, and mitigation progress.

● Advised stakeholders on mitigation plans and industry best practices to strengthen security controls.

● Participated in threat intelligence gathering and cataloging of indicators to inform vulnerability and risk management strategies.

● Communicated technical security findings clearly in both French and English across global teams. Capgemini Canada Toronto, Ontario

Security Manager April 2016 - September 2021

● Managed a team of fifteen security professionals providing security operations support and delivering projects across highly regulated industries.

● Assessed and approved IT changes ensuring compliance with security policies and standards.

● Enhanced vulnerability management programs, leading to measurable improvements in organizational security posture.

● Led incident response efforts across various teams; guided log analysis, kept clients informed, and delivered final reports.

● Collaborated with global teams including security architecture, penetration testing, and application development.

● Reported on security audit findings, ensuring successful remediation within established deadlines.

● Contributed to contract compliance assessments and reporting for high-profile engagements.

● Provided cybersecurity guidance and strategic risk advice to large delivery centers and key accounts.

● Collaborated with solution architects, bid teams, and engineering leads to embed security in system designs.

● Performed forensic data collection, recovery, and analysis, including the creation of forensic images and comprehensive reports.

Canadian Heritage – Government of Canada Gatineau, Quebec Financial Analyst – SAP Security July 2015 – April 2016

● Supported SAP security administration and role design within the financial systems’ environment.

● Maintained SAP authorization objects and user profiles to ensure compliance with internal controls.

● Collaborated with finance and IT stakeholders to assess access risks and ensure proper segregation of duties.

● Monitored and maintained documentation for audit and compliance purposes. Suncor Energy Inc. Fort McMurray, Alberta

Control Systems Engineer January 2011 - August 2014

● Conducted detailed risk assessments for OT systems.

● Delivered training to team members on supporting and troubleshooting various DMZ functionalities, including users and applications access management and systems monitoring.

● Managed production site data center operations, including technical operations, facility management, and security compliance.

● Led vulnerability management for process control systems, remediated and mitigated vulnerabilities within the process control environment.

● Planned and coordinated system installations, upgrades, repairs, and maintenance.

● Managed relationships with vendors and service providers, ensuring they meet contractual obligations.

● Reviewed process control changes and projects to ensure compliance with security policies and standards.

● Reviewed and implemented backup and disaster recovery strategy for a process control system.

● Member of the Suncor cybersecurity policies and standards review committee. Suncor Energy Inc. Calgary, Alberta

Applications Engineer July 2009 - January 2011

● Successfully managed site-wide applications rollouts, overseeing deployment for approximately five hundred end-users.

● Conducted training sessions and developed knowledge transfer materials, increasing user adoption and reducing support tickets.

● Authored and maintained comprehensive application support documentation, enhancing knowledge transfer.

● Provided critical support for OSIsoft PI, Honeywell PHD, and Distributed Temperature Sensing systems.

● Managed relationships with multiple vendors, internal clients, and stakeholders.

● Coordinated and interfaced with other business units, specifically with Information Services. IBM Canada Fort McMurray, Alberta

Information Systems Consultant July 2008 - July 2009

● Managed the deployment and rollout of workstations, software, and related equipment.

● Delivered application support services and user training for enterprise systems.

● Assisted in testing and rollout of software upgrades and patches. University of Ottawa Ottawa, Ontario

Computer Analyst July 2004 - July 2008

● Managed and maintained over one hundred workstations, computer components, and end-users’ accounts.

● Primary on-call contact for all after hours and weekend IT related issues.

● Provided end-user technical support and resolved hardware/software issues.

● Assisted in lab maintenance and deployment of computing resources for faculty and students.

● Supervised, recruited, and trained students working at the computer lab. TD Bank Toronto, Ontario

Bilingual Merchant Services Representative July 2000 - July 2004

● Delivered customer support for merchant payment services in both English and French.

● Troubleshot terminal and transaction issues and ensured timely resolution.

● Maintained high client satisfaction ratings and adherence to service level agreements. EDUCATION

University of Ottawa – Telfer School of Management Ottawa, ON, Canada Master of Business Administration (MBA) August 2014 – July 2016 University of Ottawa

Ottawa, ON, Canada

Bachelor of Applied Sciences in Electrical Engineering Sept 2001 - June 2005 RELEVANT SKILLS AND EXPERIENCE

INFORMATION SECURITY

● Review architecture and proposed changes in customer environments to ensure alignment with security standards, reducing risk and improving compliance.

● Led a cybersecurity audit for the Suncor Firebag production site, which included penetration testing and policies, guidance, and standards adherence assessment.

● Performed security gap analysis on process control systems, highlighting key risks and compliance gaps.

● Directed security governance for oil and gas production control systems, driving compliance with internal policies, enterprise guidance, and regulatory standards.

● Evaluated Suncor’s cybersecurity policies, guidance, and standards for effectiveness and alignment with industry best practices.

● Oversaw security patching for process control DMZ and control systems, reducing vulnerabilities and strengthening operational resilience.

SYSTEM ENGINEER

● Led Suncor Firebag control room consolidations by upgrading process control networks, relocating servers and operator workstations, managing contractors, and maintaining business continuity.

● Led SIS network upgrade at Suncor Firebag, replacing fiber optics, switches, and key components resulting in a significant reduction in plant shutdowns due to legacy equipment failures.

● Led CEMS network upgrade and system consolidation efforts, resulting in the removal of redundant servers and improved operational efficiency.

MANAGEMENT/LEADERSHIP

● Served as Security Manager for a team of 15 professionals, leading operations, mentoring staff, and driving key cybersecurity projects.

● Oversaw contractor management lifecycle, hiring, mobilizing, scoping, and monitoring work to ensure alignment with project requirements and timelines Mentored and trained co-op students and Engineers- In-Training employees.

● Recruited, trained, and mentored student employees at the University of Ottawa computer lab, supporting service excellence and skill growth.

TECHNICAL PROFICIENCY

Security Tools: Tenable, Rapid7, Forti Analyzer, McAfee Email Gateway, Symantec Endpoint Protection, Microsoft Defender, Azure information Protection, Azure Security Center, Azure Advanced Threat Protection, Exchange Online Protection, Microsoft Defender, Azure monitoring, Azure Sentinel, SolarWinds, SAGE, Spector360, McAfee ePO,

Frameworks and Standards: ISO 27001, NIST Cybersecurity Framework, MITRE ATT&CK, GDPR, SOC 2 Cloud Platforms: Google Cloud, Microsoft Azure

Networking: Firewalls (Cisco ASA, FortiGate), Fortinet, Patch panels and fiber optics management Software: Microsoft AD, Azure AD, Cisco ASDM, VMWare, Spector360, MS Project, MS Office suite, OSIsoft PI, SAP, Defender, Java, C, MS SQL

Operating Systems: MS Windows, Windows Servers, ESXi, Cisco IOS, FortiOS Backup and recovery: Acronis Backup and Recovery, Norton Ghost COMMUNICATION SKILLS

Languages: Fluent in English and French.



Contact this candidate