Threat Modelling and Data Security Architect (VP) - Dublin

Join Sumitomo Mitsui Finance Dublin Limited (SMFD) as a Threat Modelling & Data Security Architect, driving security-by-design across a complex hybrid IT landscape (on-prem, Azure, GCP, Kubernetes, SaaS, enterprise systems). This role is based in Dublin, with a relocation allowance of an additional month’s salary for candidates open to relocating. SMFD is a wholly owned subsidiary of SMBC and is growing rapidly as a Centre of Excellence for the bank's universal banking business across EMEA. It provides a range of technology and operational support services aligned to SMBC's growth, innovation, and transformation strategies.

You will own and evolve the bank's threat modelling program and data security architecture, embedding secure design principles early and delivering scalable, automated controls to protect critical assets and enable innovation.

• Lead security design reviews, assessing solutions against policies, standards, and best practices.
• Develop and maintain a Security Reference Architecture and reusable design patterns.
• Design and implement security controls to address risks, emerging threats, and compliance needs.
• Own and mature the threat modelling program; identify and prioritise threats with actionable mitigation.
• Maintain a threat & countermeasure library and guide stakeholders in its application.
• Act as SME for data security, including classification, encryption, and access control.
• Develop data domain security controls aligned with data architecture patterns and strategies.
• Collaborate across IT, data, and engineering teams to embed security into projects and systems.

• Strong knowledge of security frameworks (NIST CSF v2, ISO/IEC 27001, CIS Benchmarks).
• Proven expertise in secure design principles, architectural patterns, and SSDLC.
• Hands-on experience in Azure and/or GCP security within regulated industries.
• Experience in threat modelling and training non-security stakeholders.
• Knowledge of data security controls, encryption, and access management.
• Familiarity with architectural frameworks (TOGAF, SABSA) and data patterns (Medallion, Data Mesh).
• Right to work in the EU is mandatory.

Location: Dublin, Ireland. Relocation allowance offered; candidates open to relocating may receive an additional month’s salary. Note: Some third-party application and recruitment process details may be managed by external agencies.