Group Head of Security Architect

We are seeking an experienced Head of Security Architecture to lead the design and evolution of enterprise-wide security architecture across on-premise, cloud, application, data, and emerging technology environments. This role plays a critical part in shaping security strategy, embedding secure-by-design principles, and enabling business transformation while effectively managing cyber risk.

You will provide architectural leadership, partner closely with enterprise architecture, engineering, and risk teams, and act as a trusted security advisor to senior technology and business stakeholders.

• Define and own the enterprise security architecture strategy, standards, and roadmap, aligned with business and technology objectives.
• Lead security architecture design and reviews across cloud platforms, applications, infrastructure, data, and identity.
• Establish and govern security architecture principles, reference architectures, and patterns in alignment with enterprise architecture frameworks.
• Embed security into digital transformation initiatives, including cloud adoption, DevSecOps, containerised platforms, and API-driven architectures.
• Oversee threat modelling, security design reviews, and risk assessments for new and existing platforms.
• Partner with enterprise architects, engineering teams, and risk functions to ensure defence-in-depth and Zero Trust adoption.
• Provide architectural guidance on emerging technologies such as AI, machine learning, and blockchain, including identification and management of associated security risks.
• Mentor and develop a team of security architects and senior security professionals.
• Serve as a senior security advisor to executives and technology leadership.

• Bachelor’s or Master’s degree in Computer Science, Engineering, Information Security, or a related discipline.
• 15+ years of experience in cybersecurity, with significant depth in security architecture and enterprise-scale design.
• Deep understanding of enterprise architecture and security frameworks, including TOGAF, NIST, CIS, ISO 27001, and related standards.
• Solid know-how of core security controls and domains, including:
• Authentication and authorisation
• Cryptography and key management
• Cloud security (AWS, Azure, GCP)
• DevSecOps and CI/CD security
• Container and Kubernetes security
• Strong understanding of emerging technologies such as AI and blockchain, and the associated security, ethical, and regulatory risks.
• Proven ability to design and govern security architecture in complex, regulated enterprise environments.
• Excellent stakeholder management and communication skills, with the ability to influence at senior and executive levels.
• Relevant certifications such as CISSP, CCSP, SABSA, TOGAF, or equivalent are highly desirable.

are invited to apply for a confidential discussion.

Please note that only shortlisted candidates will be notified.

EA Licence No: 11C5502 | EAP Registration No: R1106192