We are seeking an experienced Head of Security Architecture to lead the design and evolution of enterprise-wide security architecture across on-premise, cloud, application, data, and emerging technology environments. This role plays a critical part in shaping security strategy, embedding secure-by-design principles, and enabling business transformation while effectively managing cyber risk.
You will provide architectural leadership, partner closely with enterprise architecture, engineering, and risk teams, and act as a trusted security advisor to senior technology and business stakeholders.
Key Responsibilities
- Define and own the enterprise security architecture strategy, standards, and roadmap, aligned with business and technology objectives.
- Lead security architecture design and reviews across cloud platforms, applications, infrastructure, data, and identity.
- Establish and govern security architecture principles, reference architectures, and patterns in alignment with enterprise architecture frameworks.
- Embed security into digital transformation initiatives, including cloud adoption, DevSecOps, containerised platforms, and API-driven architectures.
- Oversee threat modelling, security design reviews, and risk assessments for new and existing platforms.
- Partner with enterprise architects, engineering teams, and risk functions to ensure defence-in-depth and Zero Trust adoption.
- Provide architectural guidance on emerging technologies such as AI, machine learning, and blockchain, including identification and management of associated security risks.
- Mentor and develop a team of security architects and senior security professionals.
- Serve as a senior security advisor to executives and technology leadership.
Requirements
- Bachelor's or Master's degree in Computer Science, Engineering, Information Security, or a related discipline.
- 15+ years of experience in cybersecurity, with significant depth in security architecture and enterprise-scale design.
- Deep understanding of enterprise architecture and security frameworks, including TOGAF, NIST, CIS, ISO 27001, and related standards.
- Solid know-how of core security controls and domains, including:
- Authentication and authorisation
- Cryptography and key management
- Cloud security (AWS, Azure, GCP)
- DevSecOps and CI/CD security
- Container and Kubernetes security
- Strong understanding of emerging technologies such as AI and blockchain, and the associated security, ethical, and regulatory risks.
- Proven ability to design and govern security architecture in complex, regulated enterprise environments.
- Excellent stakeholder management and communication skills, with the ability to influence at senior and executive levels.
- Relevant certifications such as CISSP, CCSP, SABSA, TOGAF, or equivalent are highly desirable.
Interested candidates are invited to apply for a confidential discussion.
Please note that only shortlisted candidates will be notified.
EA Licence No: 11C5502 | EAP Registration No: R1106192
