Overview
The Security Architect ensures security is embedded into business processes, operating models, and enterprise workflows, while bringing a solid security engineering and infrastructure background. The role bridges business needs with technical security controls, ensuring processes, people, and technology align to the organisation’s risk posture.
Key Responsibilities
1. Security Architecture & Governance
- Define and maintain a business‑aligned security architecture, policy, and control framework.
- Embed security into core business processes (e.g., procurement, onboarding, data handling, financial workflows).
- Partner with risk, compliance, and operations to ensure security requirements align with regulatory and business expectations.
2. Business Process Security Integration
- Map business workflows and identify where security controls must be integrated.
- Translate business risks into practical, operational controls (e.g., segregation of duties, access governance, data protection requirements).
- Conduct business-focused threat modelling and process risk assessments.
3. Security Engineering Foundation
- Apply a strong understanding of infrastructure, networks, cloud, and security engineering fundamentals to guide architecture decisions.
- Evaluate proposed changes, projects, and vendor solutions with consideration for technical feasibility, infra risks, and operational impact.
- Provide guidance on secure design patterns, secure system integration, and architecture trade-offs.
4. Stakeholder Engagement
- Work with business leaders, product teams, and process owners to ensure security-by-design.
- Communicate security requirements in clear business terms.
- Lead workshops, reviews, and design sessions to align security expectations.
Required Skills
Business & Architecture
- Strong understanding of business processes, governance, workflows, and operating models.
- Ability to design security requirements that align to business outcomes.
Security Engineering
- Hands-on background in infrastructure, networks, cloud, or systems security engineering.
- Solid understanding of identity, access governance, data protection, and foundational security principles.
Preferred Qualifications
- Certifications such as SABSA, CISM, CISSP, or cloud security certifications.
- Experience in regulated sectors is advantageous.
Argyll Scott Singapore Pte Ltd
EA License No. 16S8105
Koh Ching Wen (Xu Jingwen)
EA Reg No: R1108631