Cyber Security Architect

Experience: 10 - 25 years

Role Overview:

We are seeking a seasoned Cyber Security Architect with over a decade of experience to lead and guide our technical teams in implementing robust security controls across on-premises infrastructure and software applications. The ideal candidate will collaborate closely with Corporate Security and other stakeholders to ensure alignment with enterprise-wide security policies and compliance requirements.

Key Responsibilities:

- Architect and implement security solutions for on-premises infrastructure and enterprise software applications.

- Provide technical leadership and guidance to engineering and operations teams on security best practices.

- Collaborate with Corporate Security to align technical implementations with organizational security policies.

- Conduct risk assessments, threat modeling, and security architecture reviews.

- Define and enforce security controls, including identity and access management, data protection, and network security.

- Support hybrid environments (on-prem + cloud) with scalable and secure design principles.

- Evaluate and integrate AI guardrails and emerging technologies to enhance threat detection and response.

- Stay current with evolving cyber threats, vulnerabilities, and regulatory requirements.

Technical Skills (Must have)

Security Architecture & Design

- Enterprise security architecture (SABSA, TOGAF)

- Zero Trust Architecture

- Secure SDLC and DevSecOps integration

- Threat modeling (STRIDE, DREAD, PASTA)

Infrastructure & Network Security

- Firewall configuration and management (Fortinet, Palo Alto)

- VPN, IDS/IPS, and network segmentation

- Secure configuration of servers, endpoints, and network devices

- NAC (Network Access Control)

Monitoring & Incident Response

- SIEM platforms (Sentinel, Splunk, QRadar)

- EDR/XDR solutions (CrowdStrike, Sentinel One, Microsoft Defender)

- Security orchestration, automation and response (SOAR)

- Forensics and root cause analysis

Identity & Access Management (IAM)

- Role-based access control (RBAC)

- Privileged access management (PAM)

- Multi-factor authentication (MFA)

- Identity governance and lifecycle management

Data Protection & Privacy

- Encryption standards (AES, RSA, TLS, PKI)

- Data loss prevention (DLP)

- Secure key management (HSM, KMS)

- GDPR, CCPA, and other data privacy regulations

Technical Skills (Good to have)

AI & Emerging Technologies

- AI/ML-based threat detection and anomaly detection

- AI guardrails and responsible AI frameworks

- Integration of LLMs in SOC workflows (e.g., Copilot for Security)

Cloud & Hybrid Security

- Cloud security posture management (CSPM)

- Cloud-native security tools (Azure Defender, AWS GuardDuty, GCP Security Command Center)

- Identity federation and SSO (SAML, OAuth, OpenID Connect)

- Container and Kubernetes security