Role Overview
The Security Architect supports the CISO by translating strategic security objectives into robust, coherent, and actionable security architectures. The role focuses on ensuring consistency, regulatory compliance, and effectiveness of security controls across complex hybrid environments, including IT, OT, cloud, network, and industrial systems.
The Security Architect contributes to the definition and evolution of an integrated security architecture that supports critical services and vital infrastructures, with a strong emphasis on resilience, traceability, governance, and business continuity. The role operates at the intersection of strategy, architecture, and delivery, working closely with technical, business, and governance stakeholders.
Key Responsibilities
1. Security Architecture
* Design, formalize, and evolve the target security architecture, applying Security by Design and Privacy by Design principles from early project stages
* Define and maintain security architecture principles, standards, and reference models aligned with organizational strategy
* Integrate key security domains (IT, OT, cloud, network, identity, data, cryptography, etc.) into a coherent and modular architecture
* Contribute to security intake processes, architecture reviews, and governance forums to ensure alignment with target architecture
2. Risk Management
* Perform architectural and technical risk assessments across projects, infrastructures, applications, and industrial systems
* Identify threats, vulnerabilities, and attack scenarios, and propose appropriate mitigation measures
* Maintain a consolidated view of risks across domains such as ERP systems, IT/OT/IoT environments, identity and access management, data flows, and emerging technologies (including AI)
3. Standards, Compliance & Governance
* Contribute to the definition and maintenance of technical security standards aligned with regulatory and reference frameworks (e.g. ISO 27001, NIS2, IEC 62443, NIST, GDPR)
* Support security governance bodies by providing architectural guidance and informed recommendations
* Ensure consistency between architectural decisions and internal standards, maintaining traceability of key decisions
* Coordinate with internal and external stakeholders, including regulatory or supervisory bodies when required
4. Advisory & Support
* Advise project, IT, OT, and business teams on integrating security requirements into solutions, including complex contexts (ERP integration, IT/OT convergence, cloud platforms, access management)
* Provide architectural input during design phases, solution assessments, and procurement activities (RFI/RFP)
* Ensure that critical security components (identity and access management, detection and response, cryptography, etc.) align with overall security objectives and IT roadmaps
5. Continuous Improvement & Technology Watch
* Monitor the evolution of threats, technologies, regulations, and security practices
* Propose continuous improvements to strengthen the organization’s security posture (detection, response, logging, resilience, identity)
* Promote reuse, consistency, and structured modelling of security architecture components
Technical Background
• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field (Master’s degree preferred)
• Minimum 5 years of experience in security architecture, cybersecurity, or related roles within complex hybrid environments (IT, OT, cloud, ERP)
• Strong knowledge of cybersecurity standards and frameworks such as ISO 27001, NIST, IEC 62443, NIS2, GDPR, CIS Controls, or equivalent
• Ability to define and maintain security processes, policies, and standards aligned with business and regulatory objectives
• Broad expertise across several of the following areas: network security, segmentation, Zero Trust, and cloud security; secure ERP integration (e.g. SAP); Identity and Access Management (IAM, IGA, PAM, federation, provisioning); cryptography (PKI, key management, strong authentication); monitoring, logging, SIEM, XDR, detection and response; secure use of Artificial Intelligence and generative technologies; architecture modelling using tools and languages such as ArchiMate
Certifications - Must Have
• At least 2 of the following: CISSP, CISM, CISA, CRISC, ISO 27001
• SABSA Certified
Additional Information: Remote work available from EU only. The consultant must be available to travel onsite when required for meetings or project needs.