Information Security Architect

Day & Ross
Town of Hartland, NB
Onsite

About The Position

Reporting to the Director, IT Cybersecurity, the Information Security Architect is responsible for the development and oversight of security architecture, the relevant security design requirements of new initiatives, and the modification and ongoing support of existing objectives and initiatives. The Information Security Architect must work with IT business partners as well as IT professionals in evaluating Information Security risks and implementing security controls across the organization.

Requirements

  • 7+ years of experience in information security, with hands‑on responsibility for Security Architecture within medium‑to‑large enterprise environments focused on cloud security.
  • Proven experience operating within a formal Enterprise Architecture function, contributing to the transition from ad‑hoc security decisions to standardized, repeatable architecture practices.
  • Demonstrated ability to define and govern security architecture artifacts, including principles, standards, reference architectures, and target‑state roadmaps.
  • Strong practical experience applying architecture‑centric security frameworks such as SABSA, NIST CSF, ISO/IEC 27001/27002, and Zero Trust—translating them into concrete architectural designs, not just compliance mappings.
  • Experience conducting architecture‑level risk analysis and threat modeling, and using those outputs to drive design decisions and prioritization.
  • Broad understanding of enterprise technology domains (networks, identity, cloud, applications, data platforms) and how security architecture patterns apply consistently across them.
  • Experience influencing architecture outcomes through design reviews, standards enforcement, and stakeholder collaboration, rather than operational authority alone.
  • Relevant certifications such as CISSP‑ISSAP, SABSA SCM, CISM, or SANS Architecture‑focused credentials are strong assets.
  • Ability to operate effectively in an organization maturing its Enterprise Architecture capabilities, balancing progress with pragmatism.

Nice To Haves

  • Experience designing and governing IoT security architectures at scale, including device identity, authentication, lifecycle management, and secure enterprise integration.
  • Familiarity with IoT and industrial security standards (e.g., NIST IoT CSF, IEC 62443) and their application within an enterprise architecture context.
  • Experience in transportation, logistics, or highly operational environments is a strong asset.

Responsibilities

  • Act as a core contributor to Day & Ross’s Enterprise Architecture maturity, establishing and governing a defined and repeatable Security Architecture practice aligned with Enterprise Architecture and organizational strategy.
  • Own the Security Architecture domain within the broader EA model, ensuring security principles, standards, and patterns are consistently embedded across applications, infrastructure, cloud, data, and IoT platforms.
  • Define and maintain security architecture artifacts appropriate to a mature EA function, including:
      • Security principles and policies
      • Target‑state and transition architectures
      • Reference architectures and reusable security patterns
      • Architecture decision records and design guardrails
  • Integrate security architecture into delivery lifecycles (initiative intake, solution design, SDLC / DevSecOps), ensuring security is addressed by design rather than by exception.
  • Lead security architecture reviews for new initiatives and material changes, providing authoritative guidance on design decisions, risk trade‑offs, and alignment with enterprise standards.
  • Translate enterprise risk assessments, threat models, and regulatory obligations into actionable architectural requirements and remediation roadmaps.
  • Contribute to the evolution of an Enterprise Security Architecture operating model, including governance forums, design review processes, and metrics that demonstrate architectural effectiveness and risk reduction.
  • Design and govern IoT and telematics security architectures at enterprise scale, ensuring secure device identity, lifecycle management, connectivity, and integration with core enterprise systems.
  • Partner with Enterprise Architecture, Security Operations, and Governance teams to ensure architectural standards are implementable, enforceable, and measurable.