Cyber Security Senior Architect

The Senior Cyber Security Architect is a strategic technical leader responsible for designing, implementing, and evolving the organization’s enterprise security architecture to protect critical assets, systems, and data. This role partners with senior IT, engineering, and business leaders to define security principles, standards, and roadmaps that align with business objectives while mitigating cyber risk. The Senior Cyber Security Architect serves as the primary subject matter expert on secure architecture design, emerging threats, and security technology evaluation, ensuring the organization is protected against both current and future cyber risks.

The Role

Security Architecture & Strategy

• Develop, maintain, and communicate the enterprise security architecture framework, patterns, and standards.
• Translate business and technical requirements into secure, scalable, and resilient architecture solutions.
• Define and champion the organization’s secure-by-design and zero trust strategies.
• Align architecture decisions with regulatory requirements, industry best practices, and organizational risk appetite.

Solution Design & Governance

• Provide architecture oversight and guidance for IT and business projects to ensure compliance with security standards.
• Conduct architecture reviews and threat modeling for new and existing systems, applications, and cloud deployments.
• Advise on secure integration of on-premises, hybrid, and multi-cloud environments.
• Collaborate with DevSecOps teams to embed security in the software development lifecycle (SDLC).

Technology Evaluation & Innovation

• Research and assess emerging security technologies, tools, and practices for enterprise adoption.
• Drive the evaluation, selection, and implementation of security platforms (e.g., IAM, PAM, SIEM, EDR, NDR, CASB).
• Partner with infrastructure and network teams to enhance security posture without impeding operational efficiency.

Risk Management & Compliance

• Ensure architecture designs meet compliance requirements such as NIST CSF, ISO 27001, DORA, and local data protection regulations.
• Support security risk assessments and recommend remediation strategies for high-risk findings.
• Collaborate with governance, risk, and compliance (GRC) teams to maintain audit readiness.

Leadership & Influence

• Serve as a trusted advisor to the CISO, CTO, and senior business leaders on security architecture matters.
• Mentor junior architects and security engineers, fostering technical excellence and innovation.
• Represent the organization in external security forums and architecture working groups.

The Requirements

• Progressive experience in cybersecurity, with experience in an architecture leadership role.
• Deep expertise in security architecture across cloud, application, network, and endpoint domains.
• Strong knowledge of zero trust principles, secure cloud architecture (AWS, Azure, GCP), and modern identity solutions (IAM, PAM, MFA, SSO).
• Familiarity with enterprise security frameworks and regulations (e.g., NIST CSF, TOGAF, SABSA, DORA, GDPR).
• Relevant certifications (e.g., CISSP, CCSP, SABSA, AWS/Azure Security Specialty) strongly preferred.
• Exceptional communication, stakeholder management, and influencing skills.
• Bachelor’s degree in Computer Science, Information Security, or related field is preferred.

At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.

We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email candidate.helpdesk@willistowerswatson.com.