Lead Security Architect and Engineer

Key Responsibilities:

Strategic Leadership: Develop and execute the security design and architecture strategy aligned with business objectives and regulatory requirements. Build and lead a high-performing security architecture and engineering team. Architecture Oversight: Design and implement resilient, scalable security architectures for enterprise systems and infrastructure. Oversee integration of advanced cloud security frameworks, including multi-cloud environments, zero-trust models, and automated threat detection. Security Framework Implementation and Optimization: Customize and implement security frameworks (e.G., SABSA, TOGAF, NIST) to fit the conglomerate's diverse needs. Ensure effective integration to improve threat detection, risk management, and compliance. Technology Evaluation: Evaluate new and emerging security technologies across various cybersecurity domains and platforms. Assess their effectiveness, scalability, and integration with existing security architectures. Proof of Concept (POC) Management: Design and execute POCs for various security solutions. Analyze performance metrics and security effectiveness, and present findings and recommendations to stakeholders. Deployment of Advanced Security Technologies: Oversee the deployment and integration of next-generation security solutions, including threat detection systems, cloud security tools, and encryption technologies, ensuring optimal configuration and performance. Cross-Functional Collaboration, Innovation, and Improvement: Work with business leaders and IT teams to integrate security into operations. Stay updated on security trends and drive continuous improvement in security practices and capabilities. Qualifications: Experience: 16-20 years of experience in security design, architecture & engineering, with a significant portion at a senior leadership level. Proven track record in managing complex, multi-sector security environments. Education: Bachelor’s degree in computer science, Information Security, or a related field. Advanced degree or relevant certifications (e.G., CISSP, CISM, CISA, CCSP, CCIE, GIAC, GSEC) preferred. Leadership Skills: Demonstrated ability to lead and influence at the executive level. Exceptional strategic thinking, decision-making, and problem-solving skills. Technical Expertise: Deep knowledge of security technologies, frameworks, zero trust principles, and best practices, including experience with security architecture frameworks such as SABSA, TOGAF, or NIST. Strong knowledge of Identity Access Management solution and authentication mechanisms and protocols for large enterprise Experience architecting solutions within Azure, AWS, GCP, Open Stack based cloud environment and other virtualized and software defined system and network platforms Experience in design and implementation of wide range of commercial security solutions such as Next gen firewalls, web application firewalls, IDS/IPS, HIPS, SIEM, DLP, DDOS mitigation technologies, CASB etc. in an enterprise. Experience in Cloud computing security design, architecture and implementations - IaaS, PaaS and SaaS. Advanced knowledge of Microsoft Azure cloud security requirements and cloud security controls based on best practices and standards for Secure Cloud Computing (Cloud Security Alliance - CSA, ISO, PCI etc.) Skilled in designing, implementing, and analysing POCs for evaluating security technologies, including developing detailed testing plans and documenting results. Expert with deployment orchestration, automation, and security configuration management for DevOps. Knowledge in managing security incidents, including experience with incident response, digital forensics, and threat hunting. Up-to-date knowledge of the latest security trends, technologies, and threat landscapes to drive innovation and improvement in security practices. Communication Skills: Excellent verbal and written communication skills with the ability to convey complex security concepts to non-technical stakeholders. Risk & Compliance Management: Strong understanding of risk management principles and practices, including experience in incident response and crisis management. Knowledge of regulatory requirements and industry standards (e.G., GDPR, CCPA, SOX) and experience ensuring compliance through security controls and audits.