SECURITY ARCHITECT - GRC & Cybersecurity
- Negotiable
- Saudi Arabia, Middle East
- Permanent
Security Architect – Governance, Risk & Compliance (Cybersecurity)
Overview
The Security Architect is responsible for designing, implementing, and maintaining secure enterprise architectures that protect organizational data, infrastructure, and applications. This role involves developing strategic security frameworks, conducting risk assessments, and ensuring security integration across all IT systems and network designs.
The Security Architect works closely with cross-functional teams—spanning IT, DevOps, and business units—to embed security best practices across on-premises, cloud, and hybrid environments.
Business Unit: Governance, Risk & Compliance (GRC), Cybersecurity
Reports To: Head of Cybersecurity / Cybersecurity Officer
Location: As defined in employment contract
Experience: 4–6 years of relevant experience in information security or IT architecture
Education: Bachelor's degree in Computer Science, Information Security, or a related discipline (Master's preferred)
Key Responsibilities
Architecture & Design
- Design and implement enterprise-wide security architectures aligned with business objectives and compliance standards.
- Develop and maintain reference architectures, blueprints, and security technical standards.
- Evaluate and recommend emerging security technologies, tools, and frameworks.
- Integrate security controls into infrastructure, application, and cloud ecosystems (AWS, Azure, GCP).
- Ensure secure configuration of systems and networks, focusing on identity, access, and encryption management.
- Collaborate with Agile teams on feasibility studies, rapid prototyping, and security validation of new technologies.
- Document and maintain architecture requirements throughout the system lifecycle.
Risk Management & Assessment
- Conduct threat modeling and security risk assessments for new systems, applications, and projects.
- Identify gaps in existing architectures and develop mitigation and risk-management strategies.
- Collaborate with IT and DevOps teams to ensure security requirements are embedded into system design.
- Recommend cost-effective security solutions based on risk exposure and compliance obligations.
Governance & Compliance
- Ensure architectural compliance with global and regional frameworks (e.g., NIST, ISO 27001, CIS Controls, PCI DSS, GDPR, HIPAA, local cybersecurity standards).
- Support audits and certification processes by maintaining documentation and providing technical evidence.
- Develop and maintain security policies, technical procedures, and operational guidelines.
Incident Response & Operations Support
- Provide expert input during security incidents and investigations.
- Collaborate with SOC, Threat Intelligence, and Incident Response teams to enhance detection and response capabilities.
- Activate and coordinate incident response plans to ensure timely containment and recovery.
- Recommend improvements for automation, monitoring, and orchestration of security operations.
Collaboration & Leadership
- Serve as a cybersecurity subject-matter expert and trusted advisor to internal teams.
- Mentor and guide junior security engineers and analysts.
- Communicate complex technical risks and designs in business-friendly terms to senior stakeholders.
Skills & Competencies
- Proven experience in cybersecurity or IT architecture roles.
- Strong background in network security, IAM, encryption, and cloud security (AWS, Azure, GCP).
- Familiarity with SIEM, SOAR, endpoint protection, and secure coding (DevSecOps) principles.
- Deep understanding of cybersecurity frameworks, policies, and best practices.
- Excellent problem-solving, analytical, and documentation skills.
- Strong interpersonal communication and stakeholder-management abilities.
- Detail-oriented, proactive, and able to balance technical and business priorities.
- Willingness to travel to client or partner locations when required.
Preferred Certifications
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- SABSA or TOGAF frameworks
- Vendor-specific certifications (AWS Security Specialty, Azure Security Engineer, etc.)