Job Description

The Enterprise Security Architect acts as the strategic spearhead, defining, architecting, and embedding a resilient security posture that is intrinsically linked to the organization's mission, regulatory compliance, and protective security mandate. The Architect will be responsible for governing the full lifecycle of critical security documentation, including System Security Plans and Security Risk Management Plans, essential for achieving formal accreditation and maintaining continuous security assurance within sensitive or classified operational domains.

Responsibilities:

Establish and Govern the Security Framework: Define, mature, and govern the organization's overarching security architecture utilizing the principles of the SABSA methodology.

Drive Strategic Alignment and Roadmaps: Spearhead comprehensive architecture reviews, conduct essential gap analyses, and chart strategic roadmaps to seamlessly align security controls with key business objectives.

Manage Accreditation Documentation: Author, validate, and maintain high-stakes security artefacts, specifically System Security Plans and Security Risk Management Plans.

Ensure PSPF Compliance: Serve as the subject matter expert, delivering authoritative advice on compliance and implementation against the requirements of the Protective Security Policy Framework.

Translate and Enforce ISM Controls: Interpret and strategically apply the protective controls outlined in the Information Security Manual, ensuring complete architecture compliance.

Bridge Stakeholder Communication: Function as the primary liaison between business stakeholders and accreditation authorities, translating stringent security requirements into practical, accredited solution designs.

Secure Technology Integration: Evaluate and securely integrate novel and emerging technologies into the enterprise landscape, ensuring they meet the required security baseline.

Develop Foundational Architecture Assets: Produce and govern core architectural artefacts, including authoritative reference models, security standards, reusable security patterns, and robust design guidance.

Cultivate Security Culture: Actively mentor technical teams, champion a secure-by-design philosophy, and lead initiatives for continuous security enhancement.

Maintain Threat Currency: Proactively monitor and assess evolving cyber threats and vulnerabilities, adapting the security architecture to ensure ongoing relevance and resilience.