Job Description
Cyber Security Architect – Lead SP
Location: Hybrid, with a base office in Warsaw, Poland
Role Overview:
We are seeking an experienced and highly technical Lead Cyber Security Architect to join our consultancy team. The successful candidate will be a recognized expert in cyber security, with a deep understanding of system architecture and advanced security practices. This individual will be responsible for defining and leading the technical security architecture across various industries, driving innovation, and ensuring that security considerations are embedded into every level of system and service design.
The Lead Cyber Security Architect will also be expected to mentor and guide a team of security architects, provide technical leadership in complex situations, and ensure that security strategies align with business goals and regulatory requirements.
Key Responsibilities:
· Collaborate with senior stakeholders and technical teams to identify and address advanced security requirements across multiple sectors.
· Design and implement innovative security architecture solutions to tackle complex problems, ensuring systems are robust, scalable, and compliant with regulatory frameworks.
· Develop the strategic vision and technical roadmap for security architecture, ensuring alignment with evolving technologies, business needs, and industry best practices.
· Serve as the technical authority on all security architecture decisions, providing guidance and escalation support for lower-level security architects.
· Design secure, scalable architectures for systems, services, and cloud infrastructures, with reusable security patterns and principles that drive operational efficiency.
· Proactively assess and mitigate risks across systems by applying risk-based methodologies and providing expert advice on the trade-offs between security, cost, and performance.
· Ensure the integration of security considerations into the broader enterprise architecture, influencing organizational policies, technology selection, and development methodologies.
· Drive the adoption of Secure by Design principles, ensuring that security is an integral part of the system development lifecycle from inception through deployment.
· Perform threat modelling, vulnerability assessments, and security testing across system architectures, guiding teams on best practices for secure design and development.
· Engage with industry bodies and regulatory frameworks to ensure alignment with security standards such as ISO/IEC 27001, NIST, and GDPR.
· Conduct technical reviews of third-party solutions and vendor offerings, ensuring that external products meet internal security standards.
· Act as a subject matter expert (SME) in security technologies, advising on advanced areas such as encryption, identity management, data protection, zero trust, and cloud security.
· Monitor and analyse emerging threats, vulnerabilities, and risks, ensuring that security architectures evolve to counter new attack vectors and threats.
Essential Skills and Experience:
· Deep expertise in system and security architecture, with hands-on experience in designing secure infrastructures, including cloud environments (AWS, Azure, or GCP).
· Proficient in securing networks, cloud platforms, applications, and data, with a solid understanding of modern cryptography, PKI, and identity access management (IAM).
· Strong understanding of network infrastructure and network hardware.
· Comprehensive knowledge of emerging technologies and security trends, including Zero Trust architectures, DevSecOps, microservices, and container security.
· Extensive experience in vulnerability management, penetration testing methodologies, and advanced threat mitigation techniques.
· Expert-level understanding of security frameworks and regulations (e.g., ISO/IEC 27001⁄27002, NIST, GDPR, PCI-DSS, NCSC).
· Proven experience managing large-scale security projects, balancing security objectives with business and operational needs.
· Strong leadership skills, with experience leading and mentoring technical teams across diverse security disciplines.
· Experience with security automation and orchestration tools, including the integration of security tools in CI/CD pipelines (DevSecOps).
· Excellent understanding of cloud security architecture, particularly for securing hybrid and multi-cloud environments, and cloud-native applications.
· Strong knowledge of security incident management and response strategies, with experience supporting SOC teams in investigating security breaches and coordinating responses.
Qualifications:
· Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
· Additional certifications in cloud security or architecture (e.g., AWS Certified Security Specialty, Azure Security Engineer, SABSA, TOGAF).
· Experience in pre-sales and bid writing for security architecture engagements.
· Experience leading large-scale cyber security programs in complex environments, working with a variety of sectors such as Financial Services, Energy & Utilities, Consumer, Retail, and Logistics.
· Expertise in security standards, policies, and regulatory requirements.
Personal Attributes:
· A proactive problem-solver with a passion for security and a commitment to excellence.
· Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.
· A mentor and leader who can inspire, motivate, and guide a team of technical architects.
· Able to handle pressure in high-stakes situations, maintaining a focus on delivering secure and effective solutions.
· Customer-focused, with a proven ability to build relationships and trust across a wide range of stakeholders.
· Flexible and adaptable, with the ability to thrive in fast-paced, dynamic environments.
Why Join Us:
As a Lead Cyber Security Architect, you will be at the forefront of securing the systems and services of our clients, shaping the future of cyber security, and working alongside some of the brightest minds in the industry. This is a highly technical role, ideal for a passionate security leader looking to have a tangible impact on real-world security challenges.
