Cyber Security Architect; m​/f​/d

We are looking for an experienced Cyber Security Architect to shape and strengthen our security architecture across enterprise platforms, applications, and infrastructure. The role is responsible for ensuring that security requirements are embedded into enterprise, segment, and solution architectures, and that systems are designed to protect critical business processes in cloud, on-premises, and hybrid environments.

The Cyber Security Architect ensures that security is built into technology decisions from the outset, translating business, operational, and regulatory requirements into pragmatic, risk-based security architectures. The role drives security-by-design, supports secure transformation, and enables the organization to adopt modern technologies while maintaining resilience, compliance, and control.

• Define and maintain security architecture principles, standards, patterns, and reference models for enterprise systems, networks, applications, and platforms.
• Design secure solutions across cloud, on‑premises, and hybrid environments, ensuring appropriate identity, network, platform, data, and application security controls are integrated from design through implementation.
• Translate business and technical requirements into security requirements, architecture decisions, and solution designs that are scalable, resilient, and proportionate to risk.
• Conduct architecture and design reviews for new initiatives, major changes, and third‑party solutions, identifying security gaps and recommending remediation measures.
• Lead or support threat modelling, trust boundary analysis, and control selection for business‑critical systems and digital services.
• Provide architectural guidance on secure integration, segmentation, encryption, secrets management, logging, monitoring, disaster recovery, and resilience requirements.
• Assess the impact of new technologies, interfaces, and transformation initiatives on the organisation’s security posture and risk profile.

• Act as a trusted advisor to technology and business stakeholders on secure transformation, technology risk, and control design.
• Embed security‑by‑design and risk‑based decision‑making into architecture governance, project delivery, and change management processes.
• Contribute to enterprise architecture boards, security governance forums, and investment decisions to ensure security requirements are considered early and consistently.
• Support compliance with internal policies, regulatory obligations, and industry standards by ensuring architectures align with required control frameworks and assurance expectations.
• Track emerging threats and technologies and translate them into actionable architecture improvements, roadmaps, and design guardrails.

• 5-8 years of experience in cyber security, information security, or enterprise/security architecture roles within complex enterprise environments.
• Proven experience designing security architectures for cloud, on‑premises, and hybrid technology estates.
• Strong knowledge of security architecture domains, including:
• Identity and Access Management
• Network and Zero Trust principles
• Application and API security
• Data protection and encryption
• Infrastructure and platform security
• Logging, monitoring, and security telemetry
• Resilience, backup, and recovery controls
• Experience applying risk‑based design principles and balancing security, business, operational, and delivery considerations.
• Hands‑on experience reviewing solution designs, conducting architecture assessments, and defining security requirements for projects and platforms.
• Strong understanding of common security and control frameworks such as ISO 27001, NIST CSF, CIS Controls, or equivalent.
• Ability to engage effectively with senior stakeholders, enterprise architects, engineers, project teams, risk functions, and external partners.
• Excellent written and verbal communication skills in English, with the ability to explain complex security concepts in a practical and business‑relevant way.

• Experience in regulated industries such as financial services,…