Technical Architect/Lead

Provide technical leadership and hands-on services across the delivery of cybersecurity initiatives including PAM (Privileged Access Management) , MFA (Multi Factor Authentication), Backup (Recovery backups and Disaster Recover) solutions, ensuring integration across Corporate and Control (Operational Technology) environments. Drive capabilities (listed below) while aligning with organisational risk frameworks, compliance obligations, and enterprise security strategy.

• Azure & Identity Security
• Microsoft Entra ID administration and architecture
• MFA adoption strategy, deployment, and tuning
• Designing and managing Conditional Access Policies and Authentication Policies
• Deep understanding of authentication protocols including SAML, OAuth, OpenID Connect
• Monitoring and analysing Sign-In Logs for security and troubleshooting
• Managing Service Principals and application identities
• Implementing and operating Privileged Identity Management (PIM) for Just-In-Time privileged access
• Identity lifecycle management (provisioning, deprovisioning, onboarding/offboarding)
• Privileged Access Management (PAM)
• Experience with enterprise PAM solutions such as CyberArk, BeyondTrust, Thycotic/Delinea
• Design and enforcement of zero standing privileges and just-in-time (JIT) access models
• Secure onboarding of privileged accounts, including service accounts and administrative users
• Credential rotation policies and integration
• Windows Server & Active Directory
• Proficient in PowerShell scripting for automation and administration
• Managing Services, Scheduled Tasks, IIS Application Pools for identity-dependent services
• Configuring and securing Service Accounts including Group Managed Service Accounts (gMSA)
• Active Directory management, integration with Entra ID, and hybrid identity scenarios
• Networking Fundamentals
• Understanding of Layer 2 and Layer 3 network principles (switching, routing)
• Knowledge of common network ports and protocols critical for identity services
• Awareness of subnetting, firewall rules, and network segmentation relevant to identity security
• Security Analysis & Governance
• Reviewing and interpreting security logs (Azure AD, SIEM, application logs) for anomaly detection
• Performing gap analysis against governance frameworks and security standards
• Gathering and translating functional and non-functional requirements for identity projects
• Preparing and delivering detailed reports and dashboards using Excel and other tools
• Communication & Leadership
• Engaging effectively with vendors and stakeholders to align technical solutions with business needs
• Strong skills in influencing and communicating complex technical concepts to non-technical audiences
• Translating business requirements into technical solutions and vice versa
• Leading cross-team collaboration and knowledge transfer

Methods, processes and standards

The Seqwater methodologies, processes and standards will be applicable for this engagement. These are based on industry standard concepts.

Key duties and responsibilities

• Technical Project Leadership: Lead the planning and initiation of cybersecurity projects by developing technical charters, defining objectives, scope, deliverables, and stakeholder engagement strategies. Identify technical requirements, constraints, and risks across Corporate and Control (Operational Technology) environments.
• Solution Delivery and Oversight: Oversee the execution of cybersecurity initiatives, including PAM (Privileged Access Management) , MFA (Multi Factor Authentication), Backup (Recovery backups and Disaster Recovery), Essential 8 and NIST CSF 2.0, by coordinating cross-functional teams, managing technical resources, and ensuring alignment with project timelines, budgets, and quality standards.
• Technical Documentation and Reporting: Develop and maintain comprehensive technical documentation, including architecture designs, implementation plans, and risk assessments. Provide regular updates and insights to stakeholders and executive leadership.
• Stakeholder and Vendor Engagement: Collaborate with internal stakeholders, external vendors, and delivery partners to ensure technical alignment, clear communication, and successful integration of cybersecurity solutions across enterprise and industrial systems.
• Cyber Risk and Threat Management: Identify, assess, and manage cybersecurity risks throughout the project lifecycle. Implement mitigation strategies and ensure alignment with organisational risk frameworks and compliance obligations.
• Security and Quality Assurance: Define and enforce cybersecurity quality standards. Conduct technical reviews, audits, and assessments to ensure solutions meet security, performance, and compliance requirements.
• Continuous Improvement and Innovation: Drive continuous improvement in cybersecurity delivery practices by identifying process enhancements, promoting knowledge sharing, and integrating lessons learned into future initiatives.
• Compliance and Safety: Ensure all activities comply with Seqwater's Work Health and Safety standards, Quality Management System procedures, Environmental Management System procedures, and relevant cybersecurity regulations and frameworks

Key selection criteria Qualifications

• Demonstrated experience in leading technical delivery within structured project management frameworks such as PRINCE2 or PMBOK.
• Technical Coordination and Readiness: Collaborates with onsite teams to ensure all cybersecurity prerequisites are met prior to delivery partner engagement, including hardware upgrades, network segmentation, system hardening, and SCADA security enhancements.
• Release and Change Management: Oversees release planning activities including coordination with Change Advisory Boards (CAB) and Management of Change (MoC) processes to ensure smooth deployment of cybersecurity solutions.
• Cutover and Implementation Oversight: Leads the cutover process in consultation with delivery partners and site teams, ensuring minimal disruption and secure transition to new systems and controls.
• Resilience and Continuity Planning: Updates Disaster Recovery and Business Continuity Management Plans and contributes to the development and delivery of operational procedures aligned with cybersecurity best practices.
• Cybersecurity Experience Across IT/OT: Brings over 5 years of experience applying cybersecurity principles across both operational technology (OT) and information technology (IT), with a strong understanding of industrial control systems and enterprise environments.

Regulatory and Security Compliance: Demonstrates deep understanding of cybersecurity principles, regulatory requirements, and standards relevant to critical infrastructure and enterprise security.

Key role relationships

This position has no supervisory requirements.

• Key internal relationships include:
• Manager, DTI Solution Delivery - for strategic alignment and oversight
• Team Leader, Digital Projects - for coordination across project streams
• Enterprise and Solution Architects - to ensure alignment with architectural and security standards
• Cybersecurity and Infrastructure Teams - for technical implementation and operational integration
• Program and Project Managers - to support planning, risk management, and milestone delivery
• Business Analysts - to translate business requirements into secure technical solutions
• Organisational Change Manager - to support adoption and transition of new security capabilities
• Test Manager and QA Teams - to ensure secure and reliable solution testing
• Project Stakeholders and Subject Matter Experts - for input, validation, and engagement
• Senior Leaders and Executives - to provide technical insights and support informed decision-making
• Key external relationships include:
• Cybersecurity Vendors and Delivery Partners - to coordinate solution design, implementation, and support
• Managed Security Service Providers (MSSPs) - for SOC/SIEM operations and threat intelligence integration
• Technology Integrators and OEMs - for hardware, software, and SCADA/PLC system upgrades
• Regulatory Bodies and Industry Groups - to ensure compliance with cybersecurity standards and frameworks
• Consultants and Auditors - for independent assessments, risk reviews, and quality assurance