Head of Security Architecture
A leading multinational organisation is seeking an experienced Security Architect to drive secure architecture and technology initiatives across a regional environment.
This role will be responsible for partnering with enterprise architecture, engineering, infrastructure, cloud, and application teams to ensure security is embedded into technology design, transformation programmes, and strategic initiatives. The successful candidate will possess strong technical depth across multiple cybersecurity domains and be capable of providing both hands-on expertise and strategic architectural guidance.
Tanggung jawab:
- Develop and maintain security architecture standards, patterns, and design principles aligned with business and technology objectives.
- Produce and review security architecture artefacts, including high-level and low-level designs, ensuring appropriate consideration of security, operational, and business requirements.
- Conduct architecture reviews, threat modelling exercises, and security risk assessments for new and existing technology initiatives.
- Act as a trusted security advisor to technology, infrastructure, cloud, and application teams across the organisation.
- Provide guidance on secure-by-design principles and support project teams in designing secure solutions throughout the project lifecycle.
- Participate in architecture governance forums and review boards, providing security oversight and recommendations on proposed solutions.
- Collaborate closely with enterprise architects, project managers, security operations, engineering, infrastructure, and application teams to drive security outcomes.
- Evaluate emerging technologies, identify security risks, and recommend practical mitigation strategies and compensating controls where required.
- Lead security technology assessments, proof-of-concepts, and product evaluations, considering functional, technical, operational, and commercial requirements.
- Support engineering and operations teams in addressing security control gaps, configuration weaknesses, and security-related incidents.
- Monitor emerging cyber threats, attack techniques, industry trends, and evolving security technologies to strengthen the organisation’s security posture.
Technical Expertise:
Strong knowledge across multiple security domains, with deep hands-on expertise in at least two of the following:
- Identity & Access Management (IAM, PAM, MFA, SSO, identity governance)
- Data Security (encryption, PKI, DLP, key management, data protection)
- Application Security (DevSecOps, CI/CD security, API security, secure coding, OWASP)
- Network Security (Zero Trust, segmentation, SASE, threat prevention, secure access)
- Cloud Security (AWS, Azure, GCP, CSPM, CWPP, cloud-native controls)
- Infrastructure Security (servers, endpoints, virtualisation, containers, Kubernetes)
- Security Operations (SIEM, EDR, SOAR, vulnerability management, security analytics)
Untuk mendaftar:
If you’re interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Reg: R1876389
Lisensi: 16S8060
