Enterprise Security Architect

ORGANISATION CHART

Cyber Enterprise Security Architect reports directly into Group CISO.

JOB PURPOSE

Identify, design and deploy IT Solutions for Transport and Urban Infrastructure Project Management and delivery of special IT Projects catering to specific business needs Subject Matter specialist for Information security operations Single point of contact for GHB members

The Cyber Security Architect will be responsible for designing , implementing and reviewing secure solutions that safeguard our organization's computer networks and systems, particularly as we test and implement new business solutions as part of our digital transformation efforts.

 

The ideal candidate will possess a deep understanding of cybersecurity principles, risk management, and emerging technologies to mitigate potential threats effectively.

KEY ACCOUNTABILITIES

Architecture Design:

Design and develop cybersecurity architecture solutions to protect organizational assets.
Evaluate existing systems and infrastructure to identify vulnerabilities and develop enhancement strategies.
Collaborate with IT teams to integrate security controls into enterprise architecture designs
Design and implement security controls, policies, and procedures tailored for cloud environments (e.g., AWS, Azure, Google Cloud)

Security Framework Implementation:
Implement and maintain cybersecurity frameworks (e.g., NIST, ISO 27001) to ensure compliance and best practices.
Develop security policies, procedures, and guidelines to support organizational goals and regulatory requirements.

Digital Transformation Support:
Provide technical leadership and guidance on cybersecurity projects and initiatives.
Stay updated on cybersecurity trends, threats, and technologies to recommend and implement best practices.
Partner with IT and business units to support digital transformation initiatives by providing secure and compliant solutions.
Advise on security requirements and considerations for new digital projects, ensuring alignment with organizational goals and regulatory requirements.
Drive innovation in cyber security practices and technologies to support agile and scalable digital initiatives.

Collaboration and Communication:
Collaborate with cross-functional teams to implement security measures and solutions.
Communicate cybersecurity strategies and risks to senior management and stakeholders effectively.

Incident Response and Risk Management:
Establish procedures for responding to cyber breaches and cybersecurity incidents.
Lead investigations into security breaches, coordinate remedial actions, and maintain incident records.
Conduct risk assessments and develop strategies to mitigate cybersecurity risks.

KEY ACCOUNTABILITIES - Additional Details

EXTERNAL INTERACTIONS

Roles you need to interact with outside the organization to enable success in your day to day work

Consulting partner who manages security solutions and processes of GMR

OEMs whose security solutions are implemented / planned to be implemented

INTERNAL INTERACTIONS

Roles you need to interact with inside the organization to enable success in your day to day work

Human Resources (Manager or other applicable roles) – To enable processes related to user awareness

Business functions (Manager or other applicable roles) – To enable processes related to digital transformation.

Legal and Compliance (Manager or other applicable roles) – To enable implementation of Legal and Compliance requirements such as IT Act.

Ethics and Integrity (Manager or other applicable roles) – To facilitate investigations.

External Corporate Communications (Manager or other applicable roles) – To ensure public facing websites are secure.

FINANCIAL DIMENSIONS

•Annual Budget for IT Security technical controls
•Enterprise IT budget of TUI Sector (approximate Six Crore INR)

OTHER DIMENSIONS

•Not applicable (No team)
•Indirect reporting through contracts (vendor resources etc.)

EDUCATION QUALIFICATIONS

Bachelor or Masters degree in computer science, Information Technology, Cyber Security, or a related field.
Proven experience (7+ years) in cyber security architecture, operations, and management, with a focus on cloud environments such as VMware, NSX.
Strong technical knowledge of cloud security principles, architectures, and services (e.g., IAM, encryption, network security).
Preferable hands on experience with cloud platforms such as AWS, Azure, or Google Cloud, including security tools and services offered by these providers.
Industry certifications such as CISSP, CCSP, AWS Certified Security Specialty, or equivalent are highly desirable.
Excellent leadership, communication, and interpersonal skills, with the ability to influence and collaborate effectively at all levels of the organization.

RELEVANT EXPERIENCE

• Relevant experience – 7+ years in similar role.
• Total experience –   approx. 15+ years

COMPETENCIES