ARKION
Scan
All open roles
§ Engineering · Architecture

Technical Director / Software Architect

LocationRemote / Hybrid · Greater Toronto Area
TypeFull-Time
Reports toChief Product Officer
Apply for this role
§ About the Role

We are building a highly secure and scalable cloud-native platform for non-human identity governance. We are looking for a Software Architect to define and implement the technical architecture while ensuring compliance with modern cryptographic and security standards.

This role requires strong expertise in cryptographic protocols, PKI, and secure API development. You will collaborate with development engineers, the cloud & deployment engineer, and external partners to drive architectural decisions and ensure a robust, scalable, and secure product. You will also write production-grade code, troubleshoot security challenges, and shape cryptographic implementations.

If you enjoy coding at a deep technical level, solving complex security problems, and shaping cryptographic implementations, this is the role for you.

§ Responsibilities

What you’ll own.

Technical leadership & architecture

  • Design and implement secure software architectures with a strong focus on cryptographic protocols and non-human identity security.
  • Design, implement, and optimize APIs for certificate management, key lifecycle management, and secure communications.
  • Work with PKI, TLS/SSL, X.509 certificates, and cryptographic key management solutions.
  • Ensure secure integration with cloud-native environments (AWS, Azure, GCP, Kubernetes) and HSMs/KMS for key storage.
  • Lead decisions around microservices, event-driven architecture, and distributed systems.
  • Write high-quality, scalable, and efficient code in Go, Python, Rust, or Java.
  • Integrate with PKI, TLS/SSL, X.509 certificates, OCSP, and modern authentication mechanisms (OAUTH, Service Accounts, SCIM).
  • Work on high-performance, low-latency cryptographic services that run in cloud-native environments.
  • Develop secure microservices following best practices in containerization, Kubernetes, and CI/CD.

Security & cryptography

  • Implement and advocate for cryptographic best practices (RSA, ECC, ECDSA, Ed25519, AES, SHA, HSMs).
  • Work with security teams to perform threat modeling and risk assessments on APIs and architecture.

Collaboration & strategy

  • Work closely with development teams to ensure alignment between business requirements and technical architecture.
  • Collaborate with product leadership to define and prioritize architectural goals.
  • Support cross-functional teams by documenting architectural decisions, security considerations, and best practices.
§ Required Skills

What you’ll bring day one.

Technical

  • Proficiency in Rust and Python for secure backend development.
  • 5+ years of experience in software architecture, design, and implementation.
  • Strong background in cryptographic protocols, PKI, and key management.
  • Hands-on experience with TLS/SSL, X.509 certificates, OCSP, and certificate automation.
  • Expertise in API security (OAuth, OpenID Connect, JWT, mTLS).
  • Experience designing and securing RESTful & GraphQL APIs.
  • Experience with HSMs, KMS (AWS KMS, Azure Key Vault, GCP KMS), and hardware-backed security.
  • Experience with distributed systems, microservices, and event-driven architectures.
  • Cloud expertise: AWS, Azure, GCP and Kubernetes.
  • Containers and orchestrators (Docker, Kubernetes, ECS).
  • CI/CD pipelines (GitHub Actions, GitLab CI/CD, Jenkins).

Non-technical

  • Problem-solving mindset — debug and resolve complex cloud and deployment issues.
  • Cross-team collaboration with Product, Sales, and Engineering.
  • Process improvement — streamline deployments and automate manual work.
  • Clear communication — explain technical concepts to non-technical stakeholders.
  • Customer-centric approach — understand pain points, ensure smooth PoC deployments.
  • Ownership mentality — work proactively, decide without waiting for instructions.
§ Nice to Have
  • Certificate Authorities (CAs), ACME protocols, and TLS certificate lifecycle management.
  • Machine identity security, identity federation, and IAM solutions.
  • Performance optimization and scaling of cryptographic services.
  • Post-quantum cryptography (PQC) and emerging security trends.
§ Who You Are
  • Security-first mindset — you understand how to design resilient and secure architectures.
  • Implementation mindset — you write code to test architectural components.
  • Detail-oriented problem solver — you break down complex security and architectural challenges.
  • Excellent communicator — you can explain cryptographic concepts to leadership.
  • Pragmatic decision-maker — you balance security, performance, and business needs.
  • Passionate about security and cryptography — you stay ahead of industry trends and best practices.
§ Why Join Us
01

Remote & flexible — work from anywhere.

02

Fast-paced, no red tape — move quickly, own decisions, drive real change.

03

Collaborate with industry leaders in the cyber security space.

04

High-impact role — design, develop and own software architecture.

05

Growth opportunity — work with modern cloud and security technologies in a high-impact role.

Ready to apply?

Email your application directly to faisal.razzak@arkion.ai. Include the following so we can move quickly:

  • Resume & portfolio
  • GitHub profile (if available)
Apply by email← All open roles