Security Architect

We are seeking a highly capable Security Architect to lead our NIST Uplift & Delivery Governance in alignment with the NIST Cybersecurity Framework (CSF). This role will act as the primary technical authority working with our external security partner, who will design work packages to address identified NIST deficiencies.

Your responsibility is to translate these work packages into actionable technical deliverables, ensure they are executed by internal operations teams, and drive accountability across both internal and external stakeholders.

This is a hands-on architecture and governance role — ideal for someone who understands security frameworks deeply, communicates clearly with executives and engineers, and can push projects through to completion.

Key Responsibilities

• NIST Framework Uplift
• Interpret NIST CSF gap assessments and translate them into actionable technical requirements.
• Review and validate work packages designed by the 3rd-party security provider.
• Ensure proposed solutions align with enterprise architecture, security standards, and operational capabilities.
• 3rd-Party Security Provider Management
• Act as the primary technical liaison with the external security partner.
• Challenge, refine, and approve their proposed work packages and remediation plans.
• Drive delivery timelines, quality, and alignment with organisational priorities.
• Ensure clear documentation, handover, and acceptance criteria for all deliverables.
• Internal Technical Delivery Leadership
• Break down work packages into executable tasks for internal operations teams (cloud, network, endpoint, identity, SOC).
• Provide architectural guidance and technical oversight throughout implementation.
• Track progress, remove blockers, and ensure timely delivery.
• Validate that implemented controls meet NIST requirements and security objectives.
• Security Architecture & Governance
• Develop and maintain security architecture standards, patterns, and reference designs.
• Ensure solutions are scalable, maintainable, and aligned with enterprise architecture.
• Provide technical leadership across SIEM, EDR, IAM, cloud security, network security, and vulnerability management.
• Support risk assessments, design reviews, and security assurance activities.
• Reporting & Stakeholder Communication
• Provide clear reporting on work package progress, risks, and dependencies.
• Communicate technical concepts to non-technical stakeholders.
• Present updates to senior leadership and participate in governance forums.
  
  

Required Skills & Experience

Technical Expertise

• Strong understanding of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover).
• Experience designing or overseeing implementation of security controls across:
• SIEM, SOC operations
• EDR/XDR
• Cloud security (AWS, Azure, GCP)
• Identity & access management
• Network security
• Vulnerability management
• Ability to translate high-level security requirements into technical architecture and operational tasks.
  
  

Leadership & Delivery

• Proven experience driving delivery across multiple technical teams.
• Strong vendor and stakeholder management skills.
• Ability to challenge 3rd-party recommendations and ensure technical soundness.
• Experience in environments with complex operational dependencies.
  
  

Soft Skills

• Excellent communication and documentation skills.
• Strong analytical and problem-solving abilities.
• Ability to influence without authority and drive accountability.
• Comfortable working in a fast-paced, multi-stakeholder environment.
  
  

Preferred Qualifications

• Experience working with MSSPs or external security consultancies.
• Background in security engineering, SOC operations, or cloud security architecture.
• Certifications such as CISSP, CISM, CCSP, or SANS GIAC.
• Experience with security uplift programs or compliance frameworks (ISO 27001, CIS, PCI-DSS).
  
  

Summary

This role is ideal for a Security Architect who can operate at the intersection of security frameworks, technical delivery, and stakeholder leadership. You’ll be the driving force ensuring that NIST-aligned work packages are not only well-designed — but actually delivered, validated, and embedded into the organisation.

---