Security Enterprise Architect

Richemont owns some of the world’s leading luxury goods Maisons, with particular strengths injewellery,watches, fashion and accessories. Each Maison represents a proud tradition of style, quality and craftsmanship and Richemont seeks to preserve the heritage and identity of each of its Maisons. At the same time, we are committed to innovation and designing new products which are in keeping with our Maisons’ values, through a process of continuous creativity.

CONTEXT

The Security Enterprise Architect has a strategic role within Group Technology, ensuring that enterprise architecture systematically integrates security controls, standards, and design patterns into technology solutions.

While Group Security determines risk and control objectives, this role ensures that those objectives are operationalized into practical, scalable, and standardized controls across systems, platforms, and services. By bridging technology delivery, security governance, and risk management, the Security Enterprise Architect ensures that security is built into architecture decisions by design and aligned with both enterprise risk posture and regulatory compliance requirements.

A critical success factor for this role is the close collaboration with Group Technology GRC to ensure synergies between secure architecture implementation and compliance obligations. This includes embedding security controls into technical design while supporting GRC in monitoring compliance and risk exposure across Group Technology.

HOW WILL YOU MAKE AN IMPACT?

• Bridge risk and technology delivery: Work with Group Security to translate control objectives into actionable technical standards, guardrails, and design principles that can be consistently applied across technology platforms.
• Integrate with risk and compliance management: Partner with Group Technology GRC to ensure that security architecture both mitigates risk by design and supports compliance with regulatory frameworks and internal policies (e.g., GDPR, ICS, PCI-DSS).
• Define and maintain security reference architectures: Establish and continuously update security blueprints, patterns, and reusable components (e.g., encryption methods, authentication standards, logging frameworks) that embed controls in a consistent and scalable way.
• Drive secure-by-design practices: Collaborate with enterprise architects, solution architects, and platform owners to ensure controls are systematically applied during solution design, system integration, and technology evolution.
• Promote alignment across domains: Ensure consistent integration of security controls across infrastructure, applications, data, and cloud environments, avoiding fragmentation or duplication.
• Architecture governance & assurance: Provide architectural guidance to programs and services, ensuring that security, resilience, and compliance requirements are embedded and continuously validated.
• Influence enterprise decision-making: Communicate the business value of security controls in terms of risk mitigation, resilience, and compliance, helping stakeholders prioritize investments and design choices.

HOW WILL YOU EXPERIENCE SUCCESS WITH US?

• Significant experience as a Security Architect or Enterprise Architect in a complex, large-scale enterprise.
• Strong knowledge of enterprise architecture frameworks (e.g., TOGAF, SABSA, Zachman) and their application to security.
• Proven expertise in security controls across domains such as encryption, IAM, cloud security, secure data flows, monitoring, and endpoint security.
• Strong understanding of risk management practices and compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, PCI-DSS).
• Ability to translate control objectives into practical, repeatable, and standardized technical controls.
• Skilled collaborator, able to work across technology delivery, Group Security, and GRC functions to ensure synergy in control implementation and compliance monitoring.
• Relevant certifications (e.g., TOGAF, SABSA, CISSP, CISM, CCSP) are highly desirable.
• Balances the long-term (“big picture”) and short-term implications of individual decisions and organization goals.
• Ability to estimate the financial impact of EA alternatives and apply multiple solutions to business problems.
• Strong business acumen: can articulate security architecture in business terms and communicate effectively with both technical and non-technical audiences.
• Skilled at influencing, guiding, and facilitating stakeholders and peers in decision making.
• Ability to work effectively in a team environment and guide cross-functional teams on architectural topics.
• Technology neutral: unbiased toward specific technologies or vendors, focused on outcomes.
• Fluency in English is required; fluency in French is an asset.