Security Architect

 

JOB SUMMARY 

The Security Architect is responsible for defining and driving the Group cyber security architecture and roadmap across the entire technology portfolio, ensuring robust protection, regulatory compliance, and resilience at a global scale. The role establishes security standards, frameworks, and controls across all platforms, applications, and infrastructure, working closely with IT Operations, Product, and Engineering Teams to embed security by design throughout the organization.

As part of the global technology leadership team, this position plays a strategic role in strengthening the company’s cyber posture, safeguarding business operations, and enabling secure growth by ensuring that security capabilities evolve alongside the company’s digital and operational ambitions.

KEY RESPONSIBILITIES 

· Own and evolve the company’s global security architecture and strategy across applications, cloud, identity, endpoints, and enterprise systems.

· Lead and develop the security function, managing a team responsible for Security Operations and Identity & Access Management.

· Serve as the senior security authority for major technology initiatives, architectural decisions, and enterprise platform changes.

· Define and maintain security principles, standards, and reference architectures applied consistently across engineering teams and regions.

· Ensure security architecture aligns with business priorities, technology strategy, and regulatory requirements.

· Drive secure-by-design practices across internally developed applications, APIs, and integrations.

· Oversee the organization’s cloud security posture, including architecture, governance, and controls across AWS environments.

· Establish and strengthen identity and access management practices, including authentication, privileged access, and lifecycle governance.

· Ensure effective security operations, monitoring, and endpoint protection in partnership with internal teams and external security providers.

· Oversee security testing and assurance activities, including penetration testing, vulnerability management, and remediation oversight.

· Drive the organization’s security awareness and human risk program to strengthen overall security culture.

· Act as a trusted advisor to engineering and business leadership, clearly communicating security risks, priorities, and improvement initiatives.

 

KEY QUALIFICATIONS 

· 8–10+ years of experience in cybersecurity, information security, or related infrastructure/security roles, including experience in security architecture or senior security engineering roles.

· Strong understanding of security architecture across cloud, applications, identity, endpoints, and enterprise platforms.

· Hands-on experience securing cloud environments, preferably AWS, including IAM, monitoring, and security controls.

· Solid background in application security and secure software development practices, including threat modeling, architecture review, and API security.

· Practical experience with identity and access management concepts such as authentication, privileged access, and lifecycle governance.

· Familiarity with Microsoft security environments, including Entra ID; experience with enterprise SaaS platforms such as Dynamics is a plus.

· Experience working closely with engineering, infrastructure, and platform teams to embed security into technology delivery.

· Experience overseeing security operations or working with MSSPs, including areas such as endpoint protection, detection and response, or monitoring.

· Proven ability to lead security initiatives, influence stakeholders, and guide security improvements across multiple teams.

· Strong communication skills with the ability to translate security risks into clear priorities and practical actions for both technical and non-technical audiences.

 

Preferred

· Experience in distributed or multi-site environments (e.g., retail, hospitality, or similar).

· Relevant certifications such as CISSP, CCSP, AWS Security Specialty, or equivalent are advantageous but not required.