Senior Architect - Information Security

Job Description

Roles and Responsibilities:

• Define the enterprise security architecture and control baseline across the SDLC to reflect risk-management objectives, embedding security requirements in high-level designs and incorporating threat-modelling outcomes.
• Establish and maintain corporate information-security policies, standards, guidelines, and ISMS design patterns aligned to regulations and best practices, ensuring designs meet cloud and on-premises security baselines.
• Maintain risk-driven reference architectures and response scenarios; perform technology-risk assessments early in initiatives, highlight design-related risks/changes, and propose compensating controls.
• Set Authority security programs and technical standards with Enterprise Architecture; ensure projects align to architectural requirements through early design signoffs with business/ technology stakeholders.
• Define and govern secure integration patterns for third-party systems and APIs and ensure adherence during design and change.
• Evaluate emerging security technologies and trends; research solutions for mandated requirements and recommend adoption paths aligned to RTA strategy and architecture.
• Represent Information Security in enterprise architecture boards and technical steering committees to embed security perspectives in portfolio decisions.

• Provide specialist security input to RFPs; define and review security requirements and compliance language.
• Evaluate and approve changes per ITIL; improve change-management procedures and perform post-implementation audits.
• Lead architectural reviews for all new digital initiatives and ensure security by design across solutions and platforms.
• Define and govern secure integration patterns for third-party systems and APIs and ensure adherence during design and change.
• • Coordinate with the Security Operations Center on incident analysis and response, applying lessons to strengthen architectural controls.
• Lead/advise on IAM, SSO, classification, DLP, SIEM and related platform architectures; verify configuration hardening.
• Conduct and guide security assessments and vulnerability analysis; recommend and oversee mitigation actions.
• Coordinate information-systems audits with stakeholders to assess control effectiveness and drive remediation.

• Develop and update security-architecture practices and standards, document target states, gaps, and migration roadmaps.
• Develop and maintain security policies, SOPs, and architecture documentation; report compliance metrics and audit artifacts; supervise and refine security training.

Job Qualifications & Requirements

• Bachelor's degree/ master's degree in computer science (CS)/ Information Technology (IT)/ Cybersecurity or related.

• 6+ Years in case of master's degree (8+ years in case of bachelor's degree).

Required Competencies

• Cybersecurity & Information Risk Management
• Governance, Risk & Excellence Programs
• Project Management
• Quality Management and Enhancement
• Security Architecture & Infrastructure Governance
• Access Governance & Data Classification
• Security Audit & Assurance
• Security Compliance Inspection & Audit
• AI-Driven Security Engineering & Simulation