Role Purpose
Provide security architecture leadership and advisory services across Digital projects, ensuring secure-by-design principles are embedded from inception through delivery. Act as a trusted consultant to project teams, guiding them on security best practices, compliance requirements, and the development of robust security standards.
Key Responsibilities
- Partner with Digital project managers and solution architects to define secure architecture patterns aligned with business objectives.
- Conduct threat modeling and risk assessments for new initiatives, delivering actionable recommendations to mitigate risks.
- Influence design decisions to ensure compliance with regulatory obligations and internal security frameworks.
- Facilitate workshops and provide consultative guidance on security automation, DevSecOps integration, and containerized application security.
- Develop and maintain security architecture documentation, standards, and reference models to support consistent implementation across projects.
- Act as a liaison between project teams and the Cyber Security function, ensuring alignment with enterprise security strategy.
- Prepare clear, comprehensive reports and recommendations for stakeholders, enabling informed decision-making.
Required Skills & Experience
- Minimum 5 years in security architecture or application security roles, ideally within project delivery environments.
- Strong consultative and stakeholder engagement skills, with the ability to influence technical and business teams.
- Proven experience in threat modeling, security automation, and embedding DevSecOps practices in project lifecycles.
- Expertise in containerized environments (Docker, Kubernetes) and modern application architectures.
- Familiarity with regulated industries (e.g., energy, utilities, finance) and associated compliance frameworks.
- Knowledge of NIST CSF and AESCSF frameworks.
Desirable
- Certifications: CISSP, CCSP, SABSA.
- Experience with cloud security (AWS/Azure) and secure design for hybrid environments.
- Experience with OT/IoT security in industrial or connected environments.
Competencies
- Strong analytical and problem-solving skills.
- Excellent communication and documentation capabilities.
- Ability to work collaboratively across multiple teams and stakeholders.