Enterprise Cyber Security Architect

  • Colombo, Sri Lanka
  • Full-Time
  • On-Site

Job Description:
  • Define and maintain enterprise security architecture frameworks, standards, principles, and governance models
  • Review and provide security design authority for major initiatives including digital banking, cloud adoption, APIs, integrations, and third-party systems
  • Ensure security is embedded into solution design, architecture decisions, and technology roadmaps from inception
  • Develop and maintain reusable security architecture patterns across identity, access management, network security, cloud security, API security, encryption, logging, monitoring, and secrets management
  • Establish and enforce secure architecture principles for cloud environments including public, private, hybrid, and SaaS platforms
  • Review and guide secure cloud onboarding, including identity federation, encryption, monitoring, data protection, backup, and disaster recovery design
  • Ensure application and API security requirements are embedded into the SDLC, CI/CD pipelines, and DevSecOps practices
  • Guide threat modeling, secure design reviews, and security controls for high-risk systems and integrations
  • Define and govern enterprise-wide data protection and cryptographic standards including encryption, key management, tokenization, masking, and secure data sharing
  • Design and enforce enterprise identity and access architecture ensuring least privilege, privileged access controls, federation, and segregation of duties
  • Lead security architecture governance processes including reviews, approvals, exceptions, and escalation of risks
  • Ensure all design assumptions, compensating controls, and residual risks are clearly documented and tracked
  • Collaborate with enterprise architects, engineers, and delivery teams to ensure alignment between security architecture and solution design
  • Support technology strategy by identifying architectural risks, technical debt, and opportunities for simplification and modernization
  • Provide coaching and guidance to technical teams to improve secure design decision-making and architecture maturity

Requirements

  • Bachelor's degree in Computer Science, Information Security, Engineering, or a related field
  • Postgraduate qualification is preferred
  • Professional certifications such as CISSP, SABSA, TOGAF, CCSP, AWS or Azure Security certifications are preferred
  • 15–20 years of experience in IT, cybersecurity, or enterprise architecture roles
  • At least 10 years of experience in security architecture, technical leadership, or enterprise design roles
  • Strong experience in enterprise-scale systems including cloud, applications, identity, data security, and integrations
  • Experience in banking or regulated industries is highly preferred
  • Strong understanding of enterprise architecture and security design principles
  • Strong ability to balance security requirements with practical delivery needs
  • Strong communication skills for both technical and executive stakeholders
  • Strong stakeholder management, influence, and advisory capability
  • Strong analytical thinking and systems design capability
  • Ability to drive adoption of secure architecture standards across diverse teams