Our client in Melbourne is currently looking for a Security Architect to join their tech company on an initial 12 month contract. This position involves utilising the outcomes of recent company-wide security audit to collaborate with stakeholders to define the current state of security position.
Through identifying challenges and opportunities, the role will be responsible for helping shape a target state security architecture and developing a corresponding security roadmap for the organisation alongside key stakeholders across the business.
Primary Accountabilities
* Vision and strategy: Support development of the security vision and strategy.
* Current state architecture: Document a detailed model of security architecture across not only the security environment, but also into the data space, engineering spaces, and across the corporate applications environment (e.g., Salesforce and Workday).
* Requirements assessment and heat mapping: Using the security program requirements and the security vision and strategy as primary inputs, identify architectural gaps and opportunities to inform program scope.
* Future-state architecture: Develop and gain buy-in to a detailed future-state architecture that addresses security risks and strategic objectives.
* Security architecture roadmap: Break down the desired target architecture into achievable milestones, recording these in architecture hub (LeanIX).
* Market assessments: Formulate a strategy for selecting vendor solutions, encompassing long-list compilation, assessment criteria establishment, weighting considerations, shortlist development, options analysis, and eventual recommendations.
* Cross-program collaboration: Work with the cross-program architects and Technology Risk Programs Integration Architect to identify gaps and overlaps between the programs and ensure that commons processes, frameworks, and templates are being followed.
Key experience:
The ideal candidate would have a strong understanding of security programs with a multi-framework approach and architecture principles.
* Demonstrable experience delivering, engineering, and/or architecting the following key security areas and technologies:
o Security remediation programs aligned to NIST CSF 800-53, CISv8, ASD Essential 8 and/or ISO27001,
o Understanding of AWS environments using in-built platform solutions such as CloudFront, CloudTrail, Guard Duty, IAM, Cognito, KMS, VPC Network and Security Data Lake,
o Understanding of information security issues, trends and leading practices, maintaining an in-depth holistic understanding of attack vectors, current threats, and remediation strategies,
o Understanding of identity and access management across corporate and cloud systems
o Understanding of enterprise network security architecture principles applied to hybrid cloud and multi-geographic regions.
* Real-world experience architecting a successful data platform transformation program.
* Strong verbal and written communication skills combined with ability to present to senior stakeholders.
...