Job Summary

We are seeking a seasoned and strategic Lead Cyber Security Architect to design, implement, and oversee secure enterprise architecture. This role spans the full security spectrum—including identity, cloud, network, data, application, and DevSecOps—with a focus on hands-on experience in Azure, AWS, and Active Directory.

The successful candidate will also be responsible for leading security teams, guiding junior members, and embedding security across technology lifecycles. This position requires being onsite at the office 3 days per week.

Key Responsibilities

Security Architecture & Strategy

• Define and maintain enterprise-wide security architecture aligned with regulatory, risk, and business goals.
• Conduct secure design reviews and threat modeling exercises.
• Lead the cybersecurity architecture team, ensuring alignment, accountability, and delivery.

Identity & Access Management (IAM)

• Design IAM solutions using Active Directory, Azure AD, SSO, MFA, RBAC, and PAM.
• Integrate and manage identity across hybrid cloud environments.

Cloud Security

• Hands-on implementation and configuration of Azure and AWS security services.
• Define controls and policies using native tools like Azure Security Center, Key Vault, Defender, and AWS IAM, GuardDuty, KMS, WAF.

Data Security & Privacy

• Architect data protection strategies using DLP, encryption, masking, and tokenization.
• Ensure architecture aligns with GDPR, HIPAA, CCPA, and internal data governance policies.

Network & Infrastructure Security

• Build secure network environments (Zero Trust, segmentation, VPNs, firewalls, hybrid cloud).
• Govern infrastructure security posture across distributed systems.

Application Security

• Drive AppSec strategy and integration of SAST, DAST, RASP, and secure coding practices.
• Oversee threat modeling and vulnerability remediation throughout the SDLC.

DevSecOps Integration

• Embed security into DevOps pipelines, leveraging automation and IaC scanning.
• Lead “shift-left” strategies using tools like Terraform, Ansible, Helm, and Kubernetes security controls.

Endpoint & Email Security

• Architect EDR/XDR and mobile threat defense programs.
• Define secure email systems using anti-phishing tools and secure gateways.

Vulnerability & Threat Management

• Manage vulnerability discovery, remediation, and reporting processes.
• Collaborate with SOC and threat intel teams to address real-time threats.

Team Leadership & Mentorship

• Provide technical leadership to the cybersecurity team.
• Mentor junior architects and engineers, supporting growth and skills development.
• Promote a culture of learning, innovation, and secure-by-design thinking.

Qualifications

Mandatory:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• CISSP certification (required).
• Microsoft Azure Security Certification (e.g., Azure Security Engineer Associate).
• AWS Security Certification (e.g., AWS Certified Security – Specialty).
• Hands-on experience with Azure and AWS services and Active Directory in enterprise settings.
• 8+ years of cybersecurity experience, with 3+ years in a leadership/architecture role.
• Willingness to work onsite 3 days per week in a hybrid environment.

Preferred Certifications:

• SABSA, CISM, GIAC (e.g., GCSA, GCPN, GDSA), TOGAF, or equivalent.

Key Skills

Cloud Security Expertise

• Expert-level hands-on experience with Azure and AWS cloud platforms.
• Skilled in securing cloud architectures for IaaS, PaaS, and SaaS.
• Experience with Azure: Key Vault, Defender, Sentinel, Azure AD.
• Experience with AWS: IAM, KMS, GuardDuty, Security Hub, WAF.

DevSecOps & Automation

• Security integration in CI/CD pipelines using Terraform, Ansible, Helm.
• Container and Kubernetes security knowledge.
• Familiarity with GitOps practices.

Security Frameworks & Controls

• Strong knowledge of frameworks: NIST, SABSA, Zero Trust, CIS.
• Experience with SIEM, CASB, DLP, EDR/XDR, and SAST/DAST.

Team Leadership & Communication

• Proven ability to lead technical teams and mentor junior staff.
• Excellent communication skills with technical and executive audiences.

Please note that this Job Description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

For more information on WIS, visit our website at www.wisintl.com

WIS International endeavors to make its recruitment process accessible to any and all individuals and welcomes applications from people with disabilities. Reasonable accommodation will be provided, upon request, to applicants with disabilities to facilitate equal opportunity throughout the recruitment and selection process. If you are a person with a disability and require reasonable accommodation during any stage of the recruitment process, please contact your recruiter. This contact information is for accommodation requests only; please do not use this contact information to inquire about the status of an application.