The role
As a Cyber Security Architect, you provide security leadership for design, implementation, integration, and oversight of cloud-based and hybrid systems' security solutions with an emphasis on securely facilitating business operations. As part of the role, you will also support other architectural teams and the Cyber Uplift Program of work.
You will be accountable for:
1. Working as an internal customer-facing specialist leading in-depth technical security architecture designs and assessments with solution architects, developers, and other technical & business stakeholders
2. Defining technologies, security controls, and operating protocols that protect data hosted in the cloud from loss, inappropriate alteration, or misuse
3. Assessing the completeness and effectiveness of security controls and solutions to identify capability gaps, security weaknesses and potential attack vectors
4. Assessing SaaS and PaaS services against the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM) and industry cloud security control frameworks
5. Working with solution architects to enhance the security controls on the existing technology platforms, services, and solutions
6. Performing / coordinating threat modelling and architecture design review sessions to identify the completeness of solution's security controls
7. Contributing to the Cyber Security architecture principles, patterns, roadmaps, frameworks and building blocks
8. Coordinating and facilitating the onboarding of technology services and solutions into the SOC threat monitoring program, including identification of how solution-specific attacks would be captured and recorded
9. Creating and maintaining cyber security documentation including solution designs, assessment reports and architectural artifacts
10. Assisting the Cyber Security Team Leads with the continual improvement of the cyber security tooling, processes, culture, and service provision
About you
11. A tertiary qualification and/ or equivalent experience in a cyber security role with demonstrated experience as a security architect
12. Demonstrated knowledge & experience in:
13. Defining, designing, and overseeing the implementation of secure solution architectures for AWS or Azure hosted solutions in alignment with appropriate platform security standards & frameworks
14. Defining, designing, and overseeing the implementation of secure solution architectures for endpoint security, internet gateway, IPS/IDS and network device infrastructure
15. Experience providing leadership (from an architectural perspective) regarding Security Operations Centre (SOC) tools and threat hunting activities utilising Microsoft Sentinel
16. Using industry security control frameworks and standards, including NIST and ISO 27001, as well as those applicable to Australian Government entities, including the ACSC ISM and the ASD Essential Eight, to design secure solutions
17. Performing threat modelling and design reviews to identify security requirements for new technologies, services, and systems
18. Championing and overseeing the design and implementation of secure solutions and good security practices amongst peers in a broader IT architects' community
19. Designing solutions using common industry standard cloud-native authentication and authorization mechanisms, MFA and SSO; in-depth knowledge of IAM architectures
20. A clear understanding of enterprise-scale cloud and hybrid cloud infrastructure security
21. Experience working with cloud security and governance tools including CASBs and CSPMs
22. Technical aptitude and the experience to continually learn new security technologies and understand relevant security market trends
23. Demonstrable skills in assessing, analysing, and resolving complex client and stakeholder related queries, utilising all relevant sources of information, media and stakeholder channels, data, reporting, systems and/or databases
24. Excellent interpersonal and consultative skills
25. Ability to effectively present complex information to project and senior level audiences both verbally and in writing.
26. Ability to work independently with limited supervision and be accountable for outcomes
27. Experience working collaboratively with multifunctional project teams, building, and maintaining productive working relationships.
28. Formal security certifications are desired but not essential. Examples include Certified Information Systems Security Professional (CISSP), CISSP-ISSAP, SABSA Chartered Security Architect, Certified Cloud Security Professional (CCSP), or related cloud provider's security architecture certification.