Security Architect

We never ask for payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website The Security Architect is an experienced, senior manager-level role within an organization’s cybersecurity team. This role is crucial in supporting the CIA triad, and most importantly—the security of an organization’s assets. And it takes a diligent, multi-faceted approach paired with a deep knowledge of IT / Infosec. This role has to provide oversight of security architecture, security principles, defense-in-depth, least privileges, zero trust, SoDs, RBAC, and security by design approaches. Key Responsibilities: Develop and implement cybersecurity strategies, policies, and procedures to safeguard the organization's digital assets. Conduct technical reviews and risk assessments to identify gaps, loopholes, and weaknesses in the systems and further plan for mitigation as per best practices. You have to assess, plan, and build reliable, powerful, and flexible security architectures for IT and Infosec initiatives. You have to Identify missing cybersecurity and cyber-resilience capabilities in alignment with changing business needs, threat landscape and technical requirements. You have to evaluate, design, deploy, and update security controls with industry-emerging technologies. You have to build reliable, powerful, flexible, and scalable security architectures that adapt to evolving threat landscapes and technological changes. You have to prepare the cost estimates, solution comparatives, value propositions, and other potential integration concerns for all cybersecurity measures. Define and manage architecture artifacts including reference architecture documents, blueprints, HLDs/ LLDs, Data flow, and technical / non-technical security requirements aligned to the corresponding strategic roadmap. You have to quickly respond to any security-related issues (e.g., data breaches, major cyber incidents, phishing scams, etc.) and give a thorough post-event study once the situation has been resolved (referring to Cyber Kill Chain methodologies). Collaborate with cross-functional teams to integrate security into the organization's systems and processes. Manage relationships with external/ internal stakeholders and businesspersons. Stay abreast of emerging cybersecurity threats, vulnerabilities, and technologies through ongoing research and professional development. Key Requirements: Bachelor’s degree in computer science, Information Security, or related field; advanced degree or relevant certifications (e.g., CISSP, CEH, MAD, TOGAF, SABSA, CRTSA) preferred. Proficiency in cybersecurity technologies and controls, including but not limited to Network Security, Endpoint Security, Data Security, Application Security, Identity & Access Management, Supply Chain Security, and VAPT. In-depth understanding of threat modelling and threat-attack methodologies (STRIDE/ DREAD/ OWASP, etc.) for complex systems and threat-attack methodologies Strong understanding of conducting cybersecurity posture assessments, risk assessments, technology reviews, and security audits based on industry standards and frameworks (e.g., NIST, CIS, ISO, etc.) and well-versed in writing reports. Knowledge of business continuity, disaster recovery continuity of operations plans, and enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures). Excellent communication and interpersonal skills, with the ability to convey cybersecurity risks and recommendations to technical and non-technical stakeholders. Strong analytical and problem-solving skills, with the ability to assess and prioritize cybersecurity risks. Leadership abilities, with the capacity to lead and motivate a technical team of cybersecurity professionals. Key Knowledge and Experience: Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. Knowledge of industry-standard and organizationally accepted analysis principles and methods. Regulatory requirements and compliance standards relevant to cybersecurity. Incident response and handling procedures. Risk management methodologies. Emerging cybersecurity threats, vulnerabilities, and best practices. Security awareness training and education programs Years of Experience: 10+ years of overall experience in cybersecurity roles, with a demonstrated track record of leading cybersecurity initiatives in complex environments. At least 5+ years of relevant experience in holding security architect roles and responsibilities. As the Security Architect , you’ll play a pivotal role in designing security controls and protecting our organization from cyber threats. You will contribute to the organization’s overall success, ensuring CIA triad, and compliance. If you’re passionate about IT designs, and security architectures and have the expertise to lead a dynamic technical team, we encourage you to apply! What's in it for you? Pathways for career development Work with colleagues and clients around the world on interesting and challenging work; We provide internal career opportunities so you can take your career further within TMF; Continuous development is supported through global learning opportunities from the TMF Business Academy; Making an impact You’ll be helping us to make the world a simpler place to do business for our clients; Through our corporate social responsibility programme, you’ll also be making a difference in the communities where we work; A supportive environment Strong feedback culture to help build an engaging workplace; Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best