Enterprise Security Architect

Enterprise Security Architect

Job Overview:

We are seeking an experienced Enterprise Cybersecurity Architect to define, design, and drive secure architecture strategies across complex enterprise ecosystems. The role requires expertise in integrating security principles into architectural frameworks while ensuring alignment with business goals, compliance mandates, and the evolving threat landscape. The ideal candidate will act as a trusted advisor, guiding teams in secure solution design, technology selection, and architectural governance.

Key Responsibilities:

• Define and maintain enterprise-level security architecture aligned with business and regulatory requirements
• Integrate

  security-by-design

  and

  privacy-by-design

  principles into enterprise IT and digital transformation initiatives
• Perform

  threat modeling

  and architectural risk assessments across applications, infrastructure, and cloud services
• Develop and evolve

  security reference architectures, patterns, and roadmaps

  for Zero Trust, SASE, and secure SDLC
• Review and evaluate architectural designs, identifying risks and recommending secure alternatives
• Lead the adoption of

  cloud-native security controls

  and hybrid-cloud architecture best practices
• Collaborate with enterprise architects and engineering teams to embed security across platforms and pipelines
• Design identity architecture strategies, including

  federated identity, privileged access, and conditional access models

• Guide implementation of

  Dev SecOps practices

  including code scanning, IaC security, and automated security gates
• Support compliance with industry frameworks such as

  NIST CSF, ISO 27001, MITRE ATT&CK, GDPR, and PCI-DSS

• Conduct evaluations of emerging technologies, tools, and architectural patterns from a security perspective
• Align architectural outcomes with

  business continuity, incident response, and data protection objectives

• Contribute to security policy development, secure baseline enforcement, and architectural documentation
• Mentor cross-functional teams on best practices for

  security architecture and enterprise integration

Technical Skills:

• Strong understanding of

  enterprise architecture methodologies

  (TOGAF, SABSA, Zachman)
• In-depth experience in securing

  networks, applications, endpoints, identities, and data

• Expertise in

  cloud security architecture

  (Azure, AWS, GCP) including Landing Zones, NSGs, Security Groups, etc
• Familiarity with

  micro segmentation

  , Zero Trust principles, and identity-centric network design
• Proficiency in security platforms:

  SIEM, SOAR, WAF, DLP, EDR, PKI, VPN, NAC

• In-depth understanding of application security assessment methodologies

  including

  OWASP Top 10

  ,

  OWASP ASVS

  ,

  OWASP MASVS

  , and modern

  attack/defense techniques

• Hands-on capability in threat modeling

  using

  STRIDE

  ,

  DREAD

  , and

  MITRE ATT&CK

  frameworks across diverse architectures
• Experience in

  security automation

  and orchestration using tools like Terraform, Ansible, Sentinel, etc.
• Exposure to container and API security (e.g., Kubernetes, Istio, API gateways, service mesh)
• Understanding

  data-centric security

  including tokenization, masking, encryption, and data vaults

Required Skills:

• Ability to architect and communicate

  secure, scalable, and resilient enterprise solutions

• Strong analytical mindset with the capability to translate business requirements into technical controls
• Ability to work independently while collaborating across

  Security, IT, Cloud, and Application teams

• Familiarity with

  compliance, risk, and governance

  aspects of security architecture
• Experience supporting architectural reviews, security assessments, and technology evaluations
• Capability to lead architecture functions in

  regulated and complex enterprise environments

• Strong communication, documentation, and stakeholder management skills

Certifications:

Mandatory:

• CISSP

  Certified Information Systems Security Professional

• TOGAF

  The Open Group Architecture Framework
• Microsoft Certified: Cybersecurity Architect Expert or AWS/Azure Solution Architect certifications

Good to Have:

• GIAC Defensible Security Architect (GDSA)
• CISSP-ISSAP – Architecture Specialization
• SABSA Foundation or Practitioner
• Certified Network Defender (CND) or CCNP Security
• Cloud Security Certifications – AWS Security Specialty / Azure Security Engineer Associate