Enterprise security strategy & architecture

Enterprise Security Strategy & Architecture Company Description For a winning team that is evolving. Forward with Cuscal.At Cuscal, you’ll find a strong, successful company that’s reimagining the future. Here, you’ll deliver or support interesting, ground-breaking projects that have real impact on Australia’s financial services sector and the millions of customers it serves. You’ll innovate alongside skilled, smart, connected teams. As the largest independent payment solution provider, we’ve set the standard for over 50 years. Now, we’re preparing to pioneer the next 50. Job Description We are looking for an Enterprise Security Strategy Architect to join our evolving IT Security team in a pivotal role, responsible for defining and executing a unified cybersecurity strategy! What is this role about? As the Enterprise Security Strategy Architect, you will ensure that security is embedded into enterprise-wide initiatives by defining secure architecture patterns, performing threat modelling, and providing strategic business consulting. This role is critical in enabling agile, and scalable security practices that support innovation and minimize risk across Cuscal. Responsibilities Security Strategy & Alignment: Lead the development and maintenance of Cuscal’s enterprise security strategy, ensuring alignment with business objectives and regulatory requirements. Provide strategic direction for security investments and ensure that security architecture is integrated into Cuscal’s overall technology landscape. Define and maintain the security architecture strategy & roadmap, ensuring that it evolves with emerging threats, technologies, and business needs. Security Architecture and Pattern: Design, develop, and drive implementation of security architecture patterns for systems and applications across the enterprise. Establish security reference architectures to guide the development of secure solutions that support agility and scalability across all projects and initiatives. Collaborate with enterprise architects and cross-functional business teams to ensure security considerations are integrated into enterprise-wide architectures. Threat Modelling and Risk Assessment: Lead and facilitate threat modelling exercises across projects and business functions to identify and mitigate potential security risks. Collaborate with technical teams to perform security assessments and ensure that all new and existing systems adhere to Cuscal’s security standards. Drive proactive threat modelling as a part of the software development lifecycle (SDLC), integrating it into agile and Dev Ops environments. Business Consulting and Stakeholder Engagement: Foster a culture of security by design, working with product owners and development teams to embed security early in the development process. Deliver clear and actionable security guidance that enables the rapid and secure delivery of business solutions in an agile environment. Provide thought leadership and guidance to security, IT, and business teams on security design patterns and architectural decisions. Qualifications What can you bring? 10+ years of experience in cybersecurity, with at least 5 years focused on security architecture and strategy. In-depth knowledge of enterprise security frameworks, such as SABSA, TOGAF, and NIST. Extensive experience in designing and implementing security architectures across complex IT environments, including cloud, hybrid, and on-premises solutions. Strong understanding of security technologies, including IAM, PAM, encryption, network security, cloud security, and security operations. Ability to navigate the challenges of a varied role in a dynamic organization. Ability to identify tasks and activities required to meet project requirements and to set goals and priorities in line with business objectives. Although not required, any experience in the following would be highly regarded: Payment’s industry, ATM/EFT/POS technology, cards and finance or other regulated industries and/or 24x7 mission-critical environments. Knowledge of security frameworks and standards such as ISO 27001, CPS234, ASD Essential 8, etc. Understanding of legal, regulatory, privacy and security matters associated with the Banking and Finance Industry. Seniority level Mid-Senior level Employment type Full-time Job function Consulting #J-18808-Ljbffr