The Security Architect Lead is responsible for defining, driving, and maintaining the Bank's enterprise security architecture across applications, infrastructure, and cloud environments. This role provides strategic security guidance, ensures alignment with regulatory and industry standards, and works closely with business, IT, and security teams to protect the Bank against evolving cyber threats.
The role is a key contributor within the CISO organization and may involve mentoring team members, leading security initiatives, and influencing enterprise-wide security decisions.
Key Responsibilities
- Define and maintain enterprise security architecture aligned with business objectives, regulatory requirements, and industry best practices
- Design and review security architectures for applications, infrastructure, and cloud (hybrid/on-prem and cloud environments)
- Act as a security liaison between business units, IT, and security teams to ensure security-by-design across projects
- Develop and enforce security control requirements for internal and external system interfaces
- Contribute to the creation and enhancement of security policies, standards, and procedures
- Perform security risk assessments for projects, changes, and new initiatives; provide clear recommendations and risk treatment options
- Continuously assess the Bank's security posture against emerging threats and recommend improvements
- Provide guidance, mentorship, and leadership within the Security Architecture function
- Support security awareness initiatives and promote a strong security culture across the organization
Qualifications
- Bachelor's degree in Information Technology, Computer Science, Engineering, or related field
- At least 812+ years of experience in cybersecurity, IT architecture, or information security roles
- Strong experience in security architecture across cloud and on-prem environments
- Solid knowledge of security frameworks and standards such as ISO 27001, NIST, CIS, PCI DSS
- Experience conducting security risk assessments, secure design reviews, and architecture evaluations
- Strong stakeholder management skills; able to communicate security concepts to both technical and non-technical audiences
- Experience in banking, financial services, fintech, or regulated industries is highly preferred
- Relevant certifications (e.g., ISO 27001, CISSP, CISM, CCSP, cloud security certifications) are an advantage
