Principal Security Architect

Responsibilities:
- Maintain and develop standards and guidance that builds SDL maturity in the IT team
- Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques
- Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards
- Assist with security reviews of and technical recommendations into high-level and low-level designs where required
- Assist with GRC consultation queries where required
- Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways.
- Afford mentorship regarding solutions and concepts.
- Further a culture of innovation within the architecture and broader IT team.

Required Skills and Experience:
- Ability to align security frameworks with organisation security policies, and to craft corresponding security controls (whether implemented by technology or process)
- Proven experience implementing SDL in non-software contexts, including infrastructure.
- Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform, and Ansible.
- Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral / harmonisation frameworks like UCF (Unified Compliance Framework).
- Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes).

“Nice To Have” Skills and Experience:
- Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications.
- Understanding of identity & access management for both people & systems.
- Understanding of software engineering.
- Exposure to large enterprise platforms such as SAP and Salesforce.
- Knowledge of Arm based compute & software.
- Relevant industry / vendor certifications.
- A passion for optimisation and automation, and a desire to motivate change!
- Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies!