Cyber Technical Architect and Lead

• Provide technical leadership and hands-on services across the delivery of cybersecurity initiatives including PAM (Privileged Access Management) , MFA (Multi Factor Authentication), Backup (Recovery backups and Disaster Recover) solutions, ensuring integration across Corporate and Control (Operational Technology) environments. Drive capabilities (listed below) while aligning with organisational risk frameworks, compliance obligations, and enterprise security strategy.
• Azure & Identity Security
• Microsoft Entra ID administration and architecture
• MFA adoption strategy, deployment, and tuning
• Designing and managing Conditional Access Policies and Authentication Policies
• Deep understanding of authentication protocols including SAML, OAuth, OpenID Connect
• Monitoring and analysing Sign-In Logs for security and troubleshooting
• Managing Service Principals and application identities
• Implementing and operating Privileged Identity Management (PIM) for Just-In-Time privileged access
• Identity lifecycle management (provisioning, deprovisioning, onboarding/offboarding)
• Privileged Access Management (PAM)
• Experience with enterprise PAM solutions such as CyberArk, BeyondTrust, Thycotic/Delinea
• Design and enforcement of zero standing privileges and just-in-time (JIT) access models
• Secure onboarding of privileged accounts, including service accounts and administrative users
• Credential rotation policies and integration
• Windows Server & Active Directory
• Proficient in PowerShell scripting for automation and administration
• Managing Services, Scheduled Tasks, IIS Application Pools for identity-dependent services
• Configuring and securing Service Accounts including Group Managed Service Accounts (gMSA)
• Active Directory management, integration with Entra ID, and hybrid identity scenarios
• Networking Fundamentals
• Understanding of Layer 2 and Layer 3 network principles (switching, routing)
• Knowledge of common network ports and protocols critical for identity services
• Awareness of subnetting, firewall rules, and network segmentation relevant to identity security
• Security Analysis & Governance
• Reviewing and interpreting security logs (Azure AD, SIEM, application logs) for anomaly detection
• Performing gap analysis against governance frameworks and security standards
• Gathering and translating functional and non-functional requirements for identity projects

• Preparing and delivering detailed reports and dashboards using Excel and other tools

• Technical Project Leadership: Lead the planning and initiation of cybersecurity projects by developing technical charters, defining objectives, scope, deliverables, and stakeholder engagement strategies. Identify technical requirements, constraints, and risks across Corporate and Control (Operational Technology) environments.

• Solution Delivery and Oversight: Oversee the execution of cybersecurity initiatives, including PAM (Privileged Access Management) , MFA (Multi Factor Authentication), Backup (Recovery backups and Disaster Recovery), Essential 8 and NIST CSF 2.0, by coordinating cross-functional teams, managing technical resources, and ensuring alignment with project timelines, budgets, and quality standards.
• Technical Documentation and Reporting: Develop and maintain comprehensive technical documentation, including architecture designs, implementation plans, and risk assessments. Provide regular updates and insights to stakeholders and executive leadership.
• Stakeholder and Vendor Engagement: Collaborate with internal stakeholders, external vendors, and delivery partners to ensure technical alignment, clear communication, and successful integration of cybersecurity solutions across enterprise and industrial systems.
• Cyber Risk and Threat Management: Identify, assess, and manage cybersecurity risks throughout the project lifecycle. Implement mitigation strategies and ensure alignment with organisational risk frameworks and compliance obligations.
• Security and Quality Assurance: Define and enforce cybersecurity quality standards. Conduct technical reviews, audits, and assessments to ensure solutions meet security, performance, and compliance requirements.
• Continuous Improvement and Innovation: Drive continuous improvement in cybersecurity delivery practices by identifying process enhancements, promoting knowledge sharing, and integrating lessons learned into future initiatives.

Key selection criteria Qualifications

• Demonstrated experience in leading technical delivery within structured project management frameworks such as PRINCE2 or PMBOK.
• Technical Coordination and Readiness: Collaborates with onsite teams to ensure all cybersecurity prerequisites are met prior to delivery partner engagement, including hardware upgrades, network segmentation, system hardening, and SCADA security enhancements.
• Release and Change Management: Oversees release planning activities including coordination with Change Advisory Boards (CAB) and Management of Change (MoC) processes to ensure smooth deployment of cybersecurity solutions.
• Cutover and Implementation Oversight: Leads the cutover process in consultation with delivery partners and site teams, ensuring minimal disruption and secure transition to new systems and controls.
• Resilience and Continuity Planning: Updates Disaster Recovery and Business Continuity Management Plans and contributes to the development and delivery of operational procedures aligned with cybersecurity best practices.
• Cybersecurity Experience Across IT/OT: Brings over 5 years of experience applying cybersecurity principles across both operational technology (OT) and information technology (IT), with a strong understanding of industrial control systems and enterprise environments.