Role Brief

Provide support for establishing, maintaining, and continually improving the organization’s Information Security Management System (ISMS), Business Continuity Management System (BCMS), and AI Management System (AIMS) in alignment with ISO 27001, ISO 22301, and ISO 42001 standards. Leads multi-framework compliance programs including SOC 2, HITRUST, PCI DSS, TISAX, and Cyber Essentials. Owns client security management, ensuring customer-specific security requirements are implemented, monitored, and evidenced. Acts as the focal point for audits, certifications, risk assessments, awareness initiatives, and customer security assurance activities — driving compliance, resilience, and trustworthiness.

Key Responsibilities:

• Maintain and improve ISMS in accordance with ISO 27001 and applicable regulations.
• Conduct periodic security risk assessments and ensure risk treatment plans are implemented.
• Lead internal ISMS audits and coordinate external certification audits.
• Ensure timely review and update of security policies, standards, and procedures.
• Provide support for maintaining and improving BCMS in accordance with ISO 22301.
• Support for establishing and maintaining AIMS in alignment with ISO 42001 & responsible AI principles.
• Conduct AI-specific risk assessments, bias checks, and security reviews.
• Lead planning, implementation, and ongoing compliance for SOC 2, HITRUST, PCI DSS, TISAX, and Cyber Essentials.
• Act as the primary point of contact for client security management activities.
• Respond to client security questionnaires, RFP/RFI security sections, and due diligence requests.
• Coordinate client security audits, assessments, and site visits.
• Conduct security awareness sessions for employees, leadership, and others as per the need.

Candidates Must Have:

Experience:

• Around 7+ years of Information/Cyber security related experience.

Technical Expertise

• Proven experience in ISO 27001 (ISMS), ISO 22301 (BCMS), ISO 42001 (AIMS).
• Hands-on knowledge of compliance programs like SOC 2, HITRUST, PCI DSS, TISAX, etc.
• Familiarity with NIST CSF, GDPR/DPDP, and other global regulations.
• Strong skills in security risk assessments, control mapping, and policy governance.
• Proven track record of leading multiple compliance audits and certifications.
• Experience in conducting awareness programs and targeted security interventions.
• Experience managing client security requirements and assurance programs.
• Understanding of AI governance and trustworthy AI practices.

Soft Skills

• Strong analytical and problem-solving skills with a risk-based decision-making approach.
• Excellent stakeholder communication and client-facing skills.
• Ability to influence and drive security culture.

Certifications

• CISA, CISM, Security+, SABSA, AWS/Azure Security Specialty, or equivalent.
• ISO 27001, ISO 22301 related certifications.
• ISO 42001, AI governance related certifications.