Enterprise Cyber Security Architect

The Security Architect is a senior expert within the Enterprise Architecture function, responsible for defining and governing the organization’s cybersecurity architecture. This role ensures that enterprise systems, platforms, and data are protected through robust security designs, aligned with regulatory requirements and industry best practices.

Responsibilities

• Define and maintain the enterprise security architecture strategy , including security principles, standards, and reference architectures.
• Design and implement secure architecture patterns across cloud, on-premises, and hybrid environments.
• Establish security-by-design principles and ensure their adoption across all technology initiatives.
• Lead the development of identity and access management (IAM), network security, data protection, and endpoint security architectures .
• Conduct security architecture reviews and risk assessments for new and existing systems.
• Ensure compliance with banking regulations, data protection laws, and industry standards (e.g., ISO 27001, NIST, PCI DSS).
• Collaborate with infrastructure, application, and DevOps teams to embed security controls into CI/CD pipelines (DevSecOps) .
• Define and enforce security governance, policies, and architecture guardrails .
• Lead the evaluation and implementation of security tools and platforms (e.g., SIEM, firewalls, EDR, DLP).
• Oversee threat modeling, vulnerability management, and incident response architecture .
• Ensure proper design of encryption, key management, and data security controls .
• Stay current with emerging cyber threats, vulnerabilities, and security technologies .
• Provide technical leadership and mentorship to security engineers and teams.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field.
• 15+ years in IT, with at least 5–7 years in security architecture or cybersecurity leadership roles .
• Strong expertise in:
• Network security (Palo Alto, Checkpoint, Cisco security)
• Identity & access management (IAM, PAM, SSO, MFA)
• Cloud security (AWS, Azure, OCI security frameworks)
• Data protection, encryption, and key management
• Deep understanding of security frameworks and standards (NIST, ISO 27001, CIS, Zero Trust).
• Experience with security in DevOps environments (DevSecOps) .
• Hands-on knowledge of security tools such as SIEM, SOAR, EDR/XDR, DLP.
• Strong understanding of regulatory compliance in banking/financial services .
• Experience in risk management, threat modeling, and vulnerability assessment .
• Certifications such as CISSP, CISM, CCSP, CEH are highly preferred.
• Excellent problem-solving, communication, and stakeholder engagement skills.
• Familiarity with enterprise architecture frameworks (TOGAF) and ITIL practices.