Our client in Melbourne is currently looking for a Security Architect to join their tech company on an initial 12 month contract. This position involves utilising the outcomes of recent company-wide security audit to collaborate with stakeholders to define the current state of security position.Through identifying challenges and opportunities, the role will be responsible for helping shape a target state Security Architecture and developing a corresponding security roadmap for the organisation alongside key stakeholders across the business.Primary Accountabilities
- Vision and strategy: Support development of the security vision and strategy.
- Current state architecture: Document a detailed model of Security Architecture across not only the security environment, but also into the data space, engineering spaces, and across the corporate applications environment (e.g., Salesforce and Workday).
- Requirements assessment and heat mapping: Using the security program requirements and the security vision and strategy as primary inputs, identify architectural gaps and opportunities to inform program scope.
- Future-state architecture: Develop and gain buy-in to a detailed future-state architecture that addresses security risks and strategic objectives.
- Security architecture roadmap: Break down the desired target architecture into achievable milestones, recording these in architecture hub (LeanIX).
- Market assessments: Formulate a strategy for selecting vendor solutions, encompassing long-list compilation, assessment criteria establishment, weighting considerations, shortlist development, options analysis, and eventual recommendations.
- Cross-program collaboration: Work with the cross-program architects and Technology Risk Programs Integration Architect to identify gaps and overlaps between the programs and ensure that commons processes, frameworks, and templates are being followed.
- Demonstrable experience delivering, engineering, and/or architecting the following key security areas and technologies:
- Security remediation programs aligned to NIST CSF 800-53, CISv8, ASD Essential 8 and/or ISO27001,
- Understanding of AWS environments using in-built platform solutions such as CloudFront, CloudTrail, Guard Duty, IAM, Cognito, KMS, VPC Network and Security Data Lake,
- Understanding of information security issues, trends and leading practices, maintaining an in-depth holistic understanding of attack vectors, current threats, and remediation strategies,
- Understanding of identity and access management across corporate and cloud systems
- Understanding of enterprise network Security Architecture principles applied to hybrid cloud and multi-geographic regions.
- Real-world experience architecting a successful data platform transformation program.
- Strong verbal and written communication skills combined with ability to present to senior stakeholders.