Security Architect

MAIN PURPOSE OF THE JOB

Design, implement, and maintain secure architecture for cloud and hybrid IT systems across the CUSTOMER Group, with a strong focus on Microsoft 365 and Azure platforms. Support strategic security initiatives by ensuring that all infrastructure, data, and application layers are protected in line with the organization’s security policies, regulatory obligations, and enterprise risk appetite.

Job Description

• Design and govern secure cloud architecture (Azure, M365, hybrid)
• Define and enforce cloud and enterprise security standards and frameworks following Zero Trust Principles
• Lead technical risk assessments and threat modelling for cloud deployments and new solution selections
• Lead the IADM implementation in collaboration with the architect group and divisions
• Evaluate, select, and optimize security tools (EDR, SIEM, CASB, etc.)

ESSENTIAL MINIMUM EXPERIENCE

• Minimum 10 years of information security experience, with at least 5 years in a security architecture role
• Hands-on experience in designing and implementing Microsoft 365 and Azure security 
• Strong understanding of secure design principles including Zero Trust Architecture 
• Strong understanding of security frameworks such as NIST, ISO 27001, and CIS Controls 
• Good understating of working with AI and large language models in context to security 
• Experience with regulatory compliance in healthcare (e.g. GDPR, ADHICS, POPIA) is a plus

DESIRED EXPERIENCE

•  Working knowledge of cloud security posture management (CSPM), SASE
•  Knowledge of third-party risk, DevSecOps, and identity governance

ESSENTIAL EDUCATION

• Bachelor’s degree in Information Systems, Cybersecurity, or Engineering 

DESIRED CERTIFICATION

•  Microsoft Certified: Cybersecurity Architect Expert
• CISSP / CCSP / Azure Security Engineer Associate

Knowledge Area

• Cloud Security Architecture
• Importance (E/D)
• (Azure, M365) Identity & Access Management (Entra ID, RBAC)
• Security frameworks (NIST, ISO, CIS)
• Network segmentation, Zero Trust
• Information protection (DLP, MIP, MCAS)
• SIEM/SOAR platforms (e.g., Sentinel)

REQUIRED COMPETENCIES

• Analytical Thinking: Ability to assess complex cloud environments and recommend secure configurations
• Judgment & Decision Making: Evaluates new risks and technologies and makes sound architectural decisions
•  Persuading & Influencing: Effectively communicates security requirements to non technical stakeholders
•  Collaboration: Works cross-functionally with IT, Risk, Legal, and Compliance
• Client Service Orientation: Designs secure environments that enable business growth without friction