Architecture Lead Cyber

Our Story

Scentre Group is the owner and operator of 42 Westfield living centres in Australia and New Zealand; partnering with the world’s leading retail and luxury brands to create a unique shopping and leisure experience for our customers. A career with us fosters the chance to be a part of a company that is transforming the digital and physical retail space.

Every day, our people play a vital role in our purpose to ‘create extraordinary places, connecting and enriching communities.’

Your opportunity

This is a great opportunity for an experienced Cybersecurity Architecture Lead to join our Technology Team, in the Planning, Product and Portfolio space. In this role you will be providing crucial architectural services throughout the entire technology strategy planning cycle.

You will be responsible for defining and embedding cybersecurity practices, solutions, and controls aligned with the organization's risk profile and global best practices into enterprise and digital platforms and business processes. This includes developing and maintaining Secure-by-design principles and standards, future and target state architectures, roadmaps, capability maps for cybersecurity and technology risk management.

You will have overall accountability to:

• Partner with business leads, technology platform leads, and project/program leads to identify and implement appropriate security controls.
• Collaborate with Cybersecurity team, Enterprise Architects and other technology domain architects to evaluate the current state of cybersecurity risks and create target state architecture and capability maps.
• Develop and communicate Cybersecurity platform architectures for different organizational levels.
• Define and maintain Cybersecurity design principles, DevSecOps practices, and patterns to ensure consistency and effectiveness of security measures.
• Establish and implement processes for threat, risk, and control analysis to continuously identify and mitigate cyber threats.
• Govern through Architecture Forums, using documented design principles, standards, roadmaps, and blueprints.
• Ensure cohesive architectural approach across domains.
• Conduct technology sessions to align stakeholders with strategy.
• Observe threat landscape, and align our cybersecurity controls to keep pace with evolving threats.
• Research new technology, recommend vendors and software products to build out the future state architecture.
• Lead business initiative Proof-of-Value (PoVs) and Proof-of-Concepts (PoCs).
• Partner with key vendors and partners to provide highest levels of Cybersecurity expertise.
• Pursue personal development and continuous learning.

What will set you apart from the rest?

• Comprehensive expertise in diverse Cybersecurity domains including Hybrid and Cloud security, Identity and access management, Network Security, Secure application development, DevSecOps, Risk and Compliance, Governance and Data Protection
• Specialist in, application security, threat modelling, risk analysis, designing mitigation controls, and penetration testing
• Deep expertise with Security Frameworks including NIST and ISO27001
• Proficient in strategic planning, roadmap development, business collaboration, conducting technical workshops, and guiding technology decision-making
• Proven ability to identify architectural trade-offs and effectively communicate them to stakeholders
• Solid grasp of Unified Endpoint Management, edge infrastructure, and contemporary software development practices, including CI/CD and DevSecOps
• Strong leadership and negotiation skills with business and technical groups
• Strong influencer and get things done by bringing others on the journey
• The ability to establish, implement, and enforce appropriate technology standards to meet business requirements

Additional, favorable skills or experience:

• The ability to “think big” and challenge conventional wisdom regarding technology refresh and hype
• Ability to identify issues and risks and drive for operational excellence
• Pragmatic, outcome focused
• Strong commercial and technology acumen
• Open to new ways of solving problems
• Able to accept and action feedback  and have a consistent approach to planning
• Excellent verbal and written communication skills
• Self starter and strong organisation skills
• Comfortable with ambiguity and a willingness to take principled bets on new technology
• Be flexible and collaborative working with key demands and timelines

Our diverse and inclusive workforce is not only something we’re proud of, but something we’re committed to. We encourage and support our people to bring their ‘whole selves’ to work every day. This is because we believe all our differences contribute to our success and ensures a workforce that reflects the customers we serve. Our commitment is backed by executive and employee-led working groups including All Abilities, LGBTI, Mental Health & Wellness and Gender Equity alongside other initiatives such as our Reconciliation Action Plan to grow our Aboriginal and Torres Strait Islander workforce.