Key Responsibilities:
Zero Trust Security Architecture
- Define and implement Zero Trust architecture across client environments, covering identity-centric security, continuous verification, least privilege access, and micro-segmentation and trust boundaries.
- Ensure Zero Trust principles are consistently applied across users, workloads, APIs, and data, and across cloud, hybrid, and on-premises platforms.
Secure Integration and API Architecture
- Design secure integration architectures for internal system-to-system integration, and third-party, partner, and public-facing integrations, including API-led and event-driven architectures.
- Define authentication, authorisation, and token strategies for integrations, and embed identity, encryption, and policy enforcement into integration patterns.
- Ensure APIs and integrations are defendable against unauthorised access, abuse and denial of service, and injection, replay, and token-based attacks.
Security-by-Design and Best Practices
- Establish and enforce security-by-design standards across projects and reduce attack surface and technical debt through proactive design.
- Define architectural controls for identity and access management (IAM), data protection and encryption, and network segmentation and secure connectivity.
- Ensure architectures follow industry best practices and frameworks while balancing security controls with usability and performance needs.
Threat Modelling and Cyber Resilience
- Perform threat modelling and risk analysis at solution and architecture levels, identify vulnerabilities early, and define mitigating controls.
- Design architectures resilient to credential compromise, API and integration attacks, and supply chain and third-party risks.
- Ensure detection, monitoring, and response capabilities are integrated into designs.
Governance, Assurance and Compliance
- Define security architecture standards, patterns, and reference models, and review and approve solution designs to ensure compliance.
- Support regulatory and compliance requirements (e.g. data privacy and audit readiness) and provide architectural assurance throughout the delivery lifecycle.
Consulting and Stakeholder Advisory
- Act as a trusted security advisor to clients and delivery teams, explaining complex security concepts to technical and non-technical stakeholders.
- Balance security controls with usability, integration needs, and performance, and mentor delivery teams to promote secure engineering practices.
Skills, Experience and Competencies
Core Skills and Expertise
- Zero Trust architecture and identity-centric security.
- Secure system and API integration design.
- Enterprise security architecture and governance.
- Cloud and hybrid security models.
- Threat modelling, risk assessment, and mitigation.
- Strong understanding of modern cyber-attack vectors.
Experience
- 12–18+ years of overall information technology (IT) and security experience.
- 8–12+ years in security architecture roles within complex enterprise environments.
- Strong background in consulting or systems integration.
- Proven experience securing cloud platforms, integration platforms, and data and analytics platforms, including internal, external, and public-facing systems.
- Experience designing and governing security monitoring and detection capabilities, including SIEM architecture (log onboarding and normalisation, correlation use cases, alert tuning, and integration with SOAR/incident response workflows).
Competencies
- Trusted advisor skills and the ability to explain complex security concepts to technical and non-technical stakeholders.
- Ability to balance security controls with usability, integration needs, and performance.
- Strong facilitation and decision-making to resolve architecture trade-offs and drive alignment.
Qualifications and Certifications
- TOGAF® Certified (mandatory) or equivalent enterprise architecture certification.
- CISSP, CISM, or CCSP (strongly preferred).
- Cloud security certifications (Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)) (desirable).