This senior leadership role is responsible for driving the Group's security architecture, strategy, and innovation agenda. The role supports technology and business teams in designing, deploying, and operating secure systems that meet business objectives, customer expectations, and regulatory requirements. The position sits within Group Information Security and plays a critical role in shaping enterprise-wide security practices.
Key Responsibilities
Security Strategy and Architecture Leadership
- Define and drive the Group-wide security architecture strategy aligned with business and regulatory requirements.
- Lead the security architecture function, setting standards and methodologies for implementing security controls across platforms.
- Develop, maintain, and evolve the enterprise security reference architecture.
Security Design and Standards
- Develop security design patterns and guidelines for existing and emerging technologies, including AI and cloud platforms.
- Promote consistent adoption of standard security controls across the organization.
- Conduct security architecture and design reviews to identify gaps and recommend appropriate mitigations.
Risk, Threat and Regulatory Alignment
- Determine and articulate security requirements by assessing threat landscapes, technology trends, regulatory developments, and risk exposure.
- Ensure security designs align with regulatory expectations and industry best practices.
- Provide subject matter expertise on security risks, controls, and emerging threats.
Advisory and Governance
- Provide security advisory services to technology and non-technology teams across the Group.
- Support enterprise architecture communities and security working groups.
- Contribute to governance forums to ensure secure-by-design principles are embedded across initiatives.
Innovation and Industry Engagement
- Maintain awareness of emerging technologies, innovations, and associated security risks.
- Participate in industry forums, conferences, and professional networks to benchmark and enhance security practices.
Leadership and Capability Development
- Lead and develop a team of security architects, fostering strong technical standards and delivery discipline.
- Drive security initiatives across multiple domains and departments with minimal supervision.
Qualifications and Experience
Education
- Degree in Information Security, Computer Science, Engineering, or related discipline.
- Master's degree in Information Security or Computer Science is an advantage.
Experience
- Minimum 15 years of IT experience, including at least 6 years leading security architecture teams in a large BFSI environment.
- Strong experience establishing enterprise security architecture practices and delivering complex security solutions.
- Hands-on exposure to banking systems, IT operations, and secure SDLC practices.
Technical Expertise
- Deep knowledge of enterprise architecture and security frameworks such as TOGAF, NIST, and CIS.
- Strong expertise in authentication, authorization, cryptography, cloud security, DevSecOps, and container security.
- Familiarity with AI, blockchain technologies, and associated security risks.
- Understanding of regulatory requirements, IT risk management, audits, and business continuity planning.
- Relevant certifications such as TOGAF, SABSA, CISSP, ISSEP, or CSSLP are advantageous.
