Information Security Architect

Information Security Architect — Design and govern secure digital infrastructure across enterprise systems and platforms. We are looking for an experienced Information Security Architect to lead the design, development, and governance of secure architectures across IT and cloud environments. The role involves translating organizational risk and compliance requirements into technical security solutions, ensuring systems are resilient against evolving cyber threats while meeting regulatory obligations and business goals.

You will collaborate with IT, engineering, compliance, and business teams to ensure a consistent and proactive approach to enterprise security architecture.

• Security Architecture & Design: Define and maintain the enterprise security architecture framework, including principles, standards, and patterns
• Design secure infrastructure, network, cloud, application, and data architectures for internal and external services
• Ensure alignment of architecture with risk, privacy, compliance, and governance requirements (e.g., NIST CSF, ISO 27001, CIS Benchmarks)
• Develop threat models and security reference architectures for high-risk or critical platforms
• Assess new technologies and platforms for security implications and mitigation requirements

• Governance & Compliance: Support security architecture reviews and control validation across IT projects and DevSecOps pipelines
• Lead architecture-level security risk assessments and contribute to third-party/vendor evaluations
• Work closely with legal and privacy teams to ensure technical controls align with global regulations (e.g., GDPR, HIPAA, PCI DSS)
• Participate in internal audits, compliance reviews, and architecture board activities

• Collaboration & Enablement: Collaborate with infrastructure, DevOps, cloud, and application teams to embed secure-by-design practices
• Provide architecture guidance on IAM, data encryption, network segmentation, endpoint protection, container security, etc.
• Guide implementation of Zero Trust Architecture, micro-segmentation, SASE, and other modern security frameworks
• Conduct technical workshops and training to elevate organizational security maturity

• 6+ years of experience in information security, with at least 2 years in a security architecture role
• Strong knowledge of enterprise architecture frameworks (e.g., TOGAF, SABSA, Zachman)
• Expertise in security controls and architectures across cloud (AWS, Azure, GCP), on-premise, and hybrid environments
• Deep understanding of network security, IAM, encryption, firewalls, SIEM, and secure development practices
• Experience conducting risk assessments, threat modeling, and architecture reviews

• Certifications: CISSP-ISSAP, SABSA, CISM, CCSP, AWS/Azure Security Architect
• Experience implementing Zero Trust, SASE, or confidential computing strategies
• Familiarity with secure SDLC, CI/CD security integration, and DevSecOps principles
• Knowledge of regulatory frameworks (e.g., NIS2, GDPR, ISO 27001, SOC 2, FedRAMP)
• Strong communication skills with ability to influence and lead across technical and business domains