About the Role
This is a high-impact leadership role where you will define and drive the organisation’s enterprise security architecture strategy. You will work closely with senior stakeholders to ensure security is embedded into the bank’s technology landscape, supporting business growth while maintaining robust risk and compliance standards.
Key Responsibilities
Security Architecture & Strategy
Define and evolve enterprise-wide security architecture across cloud, IAM, network, application, and data domains
Drive adoption of zero-trust principles and modern threat detection capabilities
Align security architecture with enterprise IT strategy, cloud transformation, and business priorities
Provide strategic advisory to senior leadership on cybersecurity risks, controls, and technology investments
Governance & Risk Management
Establish and enforce security architecture standards across all technology initiatives
Ensure secure-by-design principles are embedded across programs and delivery teams
Oversee compliance with internal policies and external regulatory requirements
Partner with risk and audit teams to strengthen enterprise-wide security posture
Transformation & Modernisation
Lead security transformation initiatives including cloud security uplift and legacy remediation
Drive security tooling optimisation and integration across complex environments
Support secure implementation of large-scale, regulated systems
Key Requirements
Bachelor’s degree in IT, Computer Science, or related field (Master’s or professional certifications are advantageous)
Extensive experience in enterprise security architecture within complex, large-scale environments
Strong expertise across:
Cloud security (AWS, Azure, or GCP)
Identity & Access Management (IAM)
Network and application security
Data protection and encryption standards
Zero-trust architecture
Proven ability to engage and influence C-level stakeholders on cybersecurity strategy
Hands-on experience with secure-by-design engineering and threat modelling
Strong knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, PCI-DSS, and regional regulatory requirements
Experience within banking, financial services, or other highly regulated industries is strongly preferred