Principal Consultant Cybersecurity Architect

Responsibilities:

• Influence, drive, and collaborate with business and technical stakeholders to achieve

practical architecture solutions that meet the secure by design and privacy by design

principles.

• Identify recurring information security use cases and develop security architecture

pattern documents applicable to those use cases

• Work with technical and business stakeholders to identity architectural attributes that

may influence threat and attack vectors.

• Perform threat modeling activities and communicate outcomes to platform engineers,

Information Security Risk Management and Application Security team.

• Develop technical road maps towards achieving mid to long term enterprise security

architecture goals like zero trust architecture, automated threat modeling, secure by

default, policy as code and pattern as code.

• Collaborate with Information security risk managers as part of security accreditation

process by providing inputs from a security architectural perspective.

• Research new information security capabilities and technology for continuous

improvement self and the organization.

• Develop security patterns and security reference architecture documents based on

organizational technology demand and knowledge gaps.

• Collaborate with information security assurance team on developing practical and

applicable information security baselines and referencing those baselines in

Enterprise Security Architecture documentation.

• Reviewing current system security measures and recommending and implementing

enhancements

• Participate in the development implementation and ongoing compliance monitoring of

all business associates and business associate agreements to ensure all privacy

concerns requirements and responsibilities are addressed

• Solution development Technology strategy roadmaps patterns and reference

architectures

• Developing technology blueprints and advising on strategic technology platform

options to fully leverage the potential of digital and technology

• Evaluation and recommendation of security products services and technologies

• Developing roadmaps to steer technology investments in alignment with business

priorities

• Providing guidance on emerging technologies and architectural patterns to the Cyber

Security leadership team

• Collaborating with the IT and Cyber security Leadership Teams

• Ensuring compliance with industry regulations and standards

• Participating in security governance meeting

• Working closely with the IT and business teams to understand the current and future

needs of the company

• Experience developing and implementing architect solutions

• Experience in Cyber Security technologies and solutions

• Broad knowledge of all Security domains including IAM Network Security, Endpoint

Security Data Security Operations, Threat Management

• Experience in the application of industry security standards and frameworks eg NIST

CSF ACSC Essential 8 ISO 27001 MITRE ATTCK

• Knowledge of current and emerging technologies and industry trends

• Experience of largescale information architecture programs including increasing the

maturity of the architecture function

• Certification in industry recognized frameworks methodologies eg TOGAF

Qualifications:

• Degree from an accredited university plus a minimum of 7 years of progressive work

experience in either security architecture or red teaming.

• Deep and hands-on understanding and expertise in at least 4 of the following 6 areas

Infrastructure, Application, Network, Cloud Security, Identity & Access Management

and Security Automation.

• An understanding of Azure Cloud and Microsoft 365 security controls, solutions, and

future roadmaps.

• Advanced knowledge Azure Key Vault, Azure Kubernetes Service, Azure Active

Directory, Defender for Cloud, Azure monitor, Azure API Management, Application

gateway.

• Understanding of application security assessment methods: OWASP Top 10, OWASP

Application Security Verification Standard (ASVS), OWASP Mobile Application Security

Verification Standard (MASVS), Attack and Defense techniques.

• Understanding and ability to perform threat modeling on a diverse category of

architecture (Referencing STRIDE, DREAD, MITRE ATT&CK Frameworks)

• Experience implementing and designing DEVSECOPS and Security Automation

delivery pipelines with automation tools like SAST, DAST, SCA, Container Security

tooling.

• Familiarity with cloud security concepts like Landing Zones, Isolation concepts,

NSGs/VCNs, Conditional Access, CI/CD pipelines.

• Familiarity with Datacentric Architectural concepts (Data storage, data lakes, raw and

transformational data vaults, data isolation, ETL/ELT ingestion pipelines).

• Ability to operate with a limited level of direct supervision.

• Exercise independence of judgement and autonomy.

• Familiarity with Zachman’s abstract architectural concepts.

• Strong critical thinking and problem-solving skills

• Strong written, verbal communication, and interpersonal skills

• Ability to translate business requirements into technical and security control

requirements.

• Security Architect certifications such as Certifications GIAC Defensible Security

Architect (GDSA), CISSP-ISSAP (Information Systems Security Architecture

Professional), Certified Network Defence Architect (CNDA), Microsoft Certified:

Cybersecurity Architect Expert are preferred