Cybersecurity Architect

Position Objective:

The Security Architect will lead the security architecture design implementation, and maintenance of robust security architecture tailored for the client maintaining enterprise security blueprint that protect client digital assets, infrastructure, and data This role ensures the protection of sensitive financial data and digital assets by integrating security best practices and compliance with regulatory standards such as ISO/IEC 27001, NIST and industry-specific regulations. The architect will work closely with IT, development and risk management teams to embed security measures into all aspects of technology infrastructure and software development lifecycles, focusing on a risk-based and compliance -driven approach.

As a Security Architect, you will ensure that security architecture aligns with business objectives, regulatory requirements, and industry best practices. You will lead the development of security frameworks, standards, and policies, and provide expert guidance on secure design and risk mitigation strategies across projects and operations.

Roles and Responsibilities:

Security Architecture & Design

• Lead the development and implementation of enterprise security architecture strategies, frameworks, and mitigation plans.

• Design secure systems and network architectures aligned with business objectives, regulatory requirements, and industry best practices.

• Translate business and technical requirements into robust, secure architecture solutions.

Governance & Assurance

• Own the security review process and produce security design blueprints for ARB and other governance forums.

• Provide security architecture assurance in line with enterprise architecture, roadmaps, and standards.

Security Architecture & Design

• Lead the development and implementation of enterprise security architecture strategies, frameworks, and mitigation plans.

• Design secure systems and network architectures aligned with business objectives, regulatory requirements, and industry best practices.

• Translate business and technical requirements into robust, secure architecture solutions.

Governance & Assurance

• Own the security review process and produce security design blueprints for ARB and other governance forums.

• Provide security architecture assurance in line with enterprise architecture, roadmaps, and standards.

• Define and maintain security standards, guidelines, and reference architectures.

Risk Management & Compliance

• Conduct threat modeling, and security impact analyses for new and existing solutions.

• Stay informed on regulatory changes impacting cybersecurity within the insurance and financial services domain.

• Evaluate emerging security technologies and recommend adoption where appropriate.

Collaboration & Advisory

• Partner with solution architects, development teams, and business stakeholders to ensure secure design and implementation.

• Present security architecture and risk mitigation strategies to ARB and senior leadership.

• Provide advisory and assurance support to the Local Information Security (LIS) team during investigations of security incidents.

Documentation & Review

• Review and endorse technical documents (impact analyses, functional designs, interface agreements) from a security perspective.

• Provide input into the strategic direction of security investments and enterprise risk posture.

Leadership & Enablement

• Act as the technical subject matter expert for all security-related design decisions.

• Mentor junior team members and promote security awareness across IT and business teams.

Key Challenges

• Balancing security requirements with business agility and user experience.

• Keeping pace with evolving threat landscapes and regulatory changes.

• Designing secure solutions under tight timelines and limited visibility into legacy systems.

• Managing multiple concurrent security reviews and architecture engagements.

• Ensuring consistent application of security standards across diverse platforms and technologies.

Minimum Job Requirements:

• Proven experience in security architecture design, preferably by financial services or insurance industries.

• Bachelor's degree in computer science, Cybersecurity, Engineering, or related discipline.

• At least 8 years of experience in IT security architecture, risk management, or cybersecurity operations.

• Strong knowledge of security frameworks (e.g., ISO/ IEC 27001, NIST, ISO 27001, COBIT).

• Knowledge of cloud security architecture and platform (Azure preferred), and DevSecOps practices.

• Experience in threat modeling and security control implementation.

• Handson experience with security technologies such as firewalls, SIEM, IAM, DLP, and endpoint protection.

• Familiarity with regulatory requirements (e.g., PDPA, GDPR) and industry standards (e.g., PCIDSS).

• Excellent analytical, problem-solving, and decision-making skills.

• Experience in Agile and Waterfall methodologies and secure software development lifecycle (SDLC).

• Relevant certifications such as CISSP, CISM, or SABSA is highly desirable.