Senior Cyber Security Solution Architect

We are seeking an experienced Senior Cyber Security Solution Architect to be responsible for designing and guiding the implementation of robust, scalable, secure, and cost-effective technology solutions that meet business needs.

This role is focussed on Cyber Security initiatives and is required to work across multiple projects, ensuring alignment with enterprise architecture standards, IT strategy, and best practices while collaborating closely with stakeholders from business, architecture, delivery, and operations teams. 

Estimated start date

Friday, 31 October 2025

Initial contract duration

8 Months

Extension term

12 months

Number of extensions

1

Location of work

QLD, WA, ACT, VIC, NSW, NT, SA, TAS

Working arrangements

Hybrid

Maximum hours

36.75 hours per week

Security clearance

Must possess Negative Vetting Level 1

Key duties and responsibilities

The solution architect will be aiming to carry out the following activities:  

Solution Design & Architecture: 

1. Design integrated solutions across a range of projects across cyber security initiatives and infrastructure modernisation, considering functional and non-functional requirements
2. Ensure architectural consistency and alignment with enterprise strategies, cyber frameworks, infrastructure standards, architecture principles and roadmaps.
3. Produce high-quality architecture documentation including solution overviews, interface diagrams, and security considerations.
4. Identify and evaluate options for technology integration, reuse, or innovation.

Project Engagement:

1. Work across multiple concurrent projects providing architectural oversight and assurance from initiation through delivery.
2. Collaborate with Business Analysts, Project Managers, Technical Leads, Developers, and Testers to ensure designs are understood and implemented correctly.
3. Support project scoping by estimating architecture/design effort, identifying dependencies and technical risks. .

Governance & Standards: 

Participate in architecture governance processes, contributing to and reviewing architecture decisions and designs. 

Ensure solutions comply with relevant security, data, and operational standards. 

Advocate and embed best practices in solution design, integration, and sustainability. 

Stakeholder Engagement:

Engage with business stakeholders to understand strategic goals and translate them into technical solutions. 

Act as a trusted advisor to project and business teams on technology strategy and direction. 

Communicate complex technical concepts in clear and non-technical language for decision-makers. 

Continuous Improvement:

Monitor emerging technology trends and assess their potential value or impact. 

Provide feedback and recommendations to improve architecture frameworks and delivery models. 

The Must Haves:

• Security Architecture & Frameworks: Reference architectures, control mapping/trade-offs; TOGAF; NIST CSF alignment.
• Threat Modelling & Risk-Based Controls: trust boundaries, compensating controls, residual-risk write-ups.
• Compliance & Assurance: ACSC Essential Eight, Australian Government ISM, ISO 27001, NIST 800-53/171; IRAP awareness; design reviews and attestation.

Experience in one or more of the following domains: 

System Security

• Zero Trust & Network Security: Micro-segmentation (e.g., Illumio/Prisma), WAF/API gateways, DoS/CDN patterns.
• Cloud Security Architecture (Azure-first, multi-cloud aware): Landing zones, Policy/Blueprints, Defender for Cloud, Key Vault/Private Link; AWS/GCP org controls, IAM, KMS.
• Kubernetes/OpenShift & Platform Security: RBAC/admission controls, namespaces/tenancy, network policies, image signing; workload hardening (CIS, golden images).
• Application, API & DevSecOps: SAST/DAST/IAST, dependency scanning, API security (mTLS, rate-limiting, schema validation, APIM, IaC security in pipelines (Terraform/GitHub).
• PKI, Certificates & TLS: CA hierarchy, OCSP/CRL, auto-enrolment; cert lifecycle at scale; TLS/mTLS for services/edge/IoT.

Data Security

• Data Protection & Governance: Purview classification/labelling/DLP (M365/Endpoint/Cloud), encryption patterns

Identity Security

• Identity & Secrets Management: Entra ID/AAD patterns, OAuth2/OIDC/SAML, Conditional Access/MFA; secrets management (PAM, Vault, GitOps secrets hygiene).

Incident Response Security

• Detection & Response Engineering: SIEM/SOAR (Microsoft Sentinel/Splunk), KQL/SPL, playbooks; Defender, telemetry and containment runbooks.

You MUST be an Australian Citizen and hold a minimum of an NV1 Security Clearance to be considered for this role.

For more information contact Mitchell on

Only shortlisted candidate will be contacted for this role.