Role description:
* As a Security Architect, youll lead security design, engineering, testing, and implementation for critical business products supporting Strategic Infrastructure business.
* Working closely with Product Managers, youll act as a vital link between senior business stakeholders, Information Technology, and existing security services, serving as both a technical and non-technical point of contact with a focus on architecture and engineering.
* Working closely with the business, product teams, and technical architects, youll ensure solutions comply with regulatory and security controls requirements.
* Youll combine excellent customer relationship skills, deep technical knowledge (including emerging Digital technologies), and a practical approach to real- world risk reduction.
Key responsibilities:
* Collaborate with business, product teams and users to define needs, identify problems, and implement improvements
* Work alongside Product teams to liaise with 3rd party vendors to securely integrate new technology capabilities into Strategic Infrastructure products and services
* Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments
* Establish security standards, best practices, and design patterns for cloud, on-premises, and hybrid environments
* Collaborate with development teams to integrate security controls into application design
* Lead security architecture reviews and provide expert technical guidance on complex security challenges
* Assess security posture against industry regulations and compliance requirements
* Identify and mitigate security risks associated with new technologies and initiatives
* Perform security assessments and penetration testing to identify vulnerabilities
* Communicate security risks and mitigation strategies to the business and 3rd party vendors where necessary
* Advocate for security initiatives and build consensus across teams
Key skills/knowledge/experience:
* Deep understanding of cybersecurity principles, including authentication, authorization, encryption, network security, and application security
* Expertise in cloud security architectures (AWS, Azure, GCP)
* Proven experience designing and implementing security solutions for complex enterprise environments
* Strong knowledge of security frameworks like CIS, NIST, ISO 27001, and PCI DSS
* Experience of ESRI products
* Excellent communication and presentation skills to effectively communicate technical security concepts to non-technical stakeholders