Role Summary
We are seeking a highly experienced Enterprise Security Architect to lead the security architecture strategy and execution for an organization transitioning from a parent company into a standalone enterprise environment.
This role will be critical in designing, governing, and implementing the target-state security architecture required to support a secure separation while ensuring business continuity, regulatory compliance, and operational resilience throughout the transition.
The successful candidate will assess inherited security capabilities, define future-state architectures, establish independent security controls, and lead security decision-making across infrastructure, cloud, identity, applications, networks, data, and third-party services. The role requires balancing short-term transitional dependencies with long-term strategic security objectives.
This is both a strategic and hands-on architecture role requiring deep experience in enterprise security, transformation programs, and complex carve-out or separation initiatives.
Key Responsibilities
Separation & Transitional Security Architecture
- Lead the design and delivery of the target-state enterprise security architecture for a standalone organization.
- Assess existing parent-company security architecture, tooling, controls, dependencies, and inherited risks.
- Define separation security principles, transition states, and end-state operating models.
- Identify and manage transitional service agreement (TSA) security dependencies and associated risks.
- Develop security architecture roadmaps aligned to separation milestones, migration waves, and business priorities.
- Ensure secure disentanglement of shared infrastructure, applications, networks, identity platforms, and data environments.
- Provide architecture oversight for migration, replication, and decommissioning activities.
Enterprise Security Strategy & Governance
- Establish enterprise-wide security standards, reference architectures, patterns, and guardrails for the new organization.
- Build security architecture governance processes, design review forums, and exception management frameworks.
- Align security architecture with business strategy, enterprise architecture, and operational resilience objectives.
- Drive adoption of secure-by-design and Zero Trust principles across all technology domains.
- Develop architectural decision records and security control baselines for the standalone environment.
Identity, Access & Zero Trust
- Architect standalone identity and access management capabilities independent of the parent organization.
- Design secure federation, SSO, privileged access management, and identity lifecycle processes during transition phases.
- Define target-state Zero Trust architecture across workforce, third parties, and privileged users.
- Support migration or establishment of:
  - Active Directory / Entra ID
  - MFA platforms
  - PAM solutions
  - Identity governance controls
Cloud, Infrastructure & Network Security
- Define secure architectures across cloud, on-premises, and hybrid environments.
- Lead design of standalone:
  - Network segmentation
  - Internet ingress/egress
  - Secure remote access
  - Endpoint security
  - SIEM/SOC integration
  - EDR/XDR capabilities
- Ensure secure migration away from inherited parent-company infrastructure and shared services.
- Support datacenter exits, cloud tenancy creation, and network separation initiatives.
Data Protection & Application Security
- Define enterprise data security and classification strategies for the standalone organization.
- Ensure secure separation, migration, retention, and destruction of corporate and regulated data.
- Support application rationalization, separation, and secure integration activities.
- Conduct threat modelling and security risk assessments for transformation initiatives.
- Embed DevSecOps and application security standards into future delivery models.
Risk, Compliance & Third-Party Security
- Ensure security architecture aligns with:
  - ISO 27001
  - NIST CSF
  - CIS Controls
  - GDPR
  - NIS2
  - Industry-specific regulatory obligations
- Support security risk assessments related to separation activities and TSA dependencies.
- Conduct security due diligence for new vendors, SaaS platforms, and strategic partners.
- Support audit readiness and regulatory engagement during transition periods.
Stakeholder & Program Leadership
- Partner closely with:
  - Separation program leadership
  - Enterprise architects
  - Infrastructure teams
  - Legal and compliance functions
  - Cyber operations teams
  - Third-party suppliers
- Act as the senior security architecture authority for transformation initiatives.
- Communicate architectural risks, trade-offs, and investment priorities to executive stakeholders.
- Mentor engineering and architecture teams while helping establish the security capability of the standalone organization.
Required Experience & Qualifications
- 10+ years of experience in cybersecurity, enterprise architecture, or infrastructure security roles.
- Significant experience in enterprise security architecture within large, complex environments.
- Proven experience supporting:
  - Corporate separations
  - Carve-outs
  - M&A integrations/divestitures
  - Large-scale transformation programs
- Strong understanding of transitional architectures and TSA dependency management.
- Hands-on experience designing security architectures across:
  - Cloud platforms (Azure, AWS, GCP)
  - Identity platforms
  - Networks
  - Endpoint security
  - Data protection
  - Enterprise applications
- Strong knowledge of Zero Trust architecture and modern security operating models.
- Ability to balance pragmatic delivery timelines with long-term architectural integrity.
Preferred Qualifications
- Certifications such as:
  - CISSP
  - SABSA
  - TOGAF
  - CCSP
  - CISM
  - Azure/AWS Security certifications
- Familiarity with security architecture tooling and enterprise modelling frameworks.
- Experience working with global delivery teams and system integrators.
Key Competencies
- Enterprise transformation leadership
- Security architecture governance
- Strategic planning and roadmap development
- Risk management and prioritization
- Executive stakeholder management
- Complex problem solving
- Influence without authority
- Decision-making under ambiguity