Cyber Security Architect

 Posted 3 days ago
     
5-10 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

The Cyber Security Architect provides security architecture reviews, threat modelling, and assurance across complex digital health and infrastructure initiatives. The role involves validating designs, conducting risk assessments, and providing practical security guidance to delivery teams and suppliers.

Cyber Security Architect


PFH Technology Group are currently recruiting for a Cyber Security Architect to work with our client.


Role Overview


The Cyber Security Architect will work alongside senior architecture colleagues to provide security architecture review, threat modelling and assurance input across multiple national and large-scale and other complex digital health and infrastructure initiatives.


This is a generalist, delivery-facing role. Rather than being aligned to a single programme, the post holder will flex across a portfolio of active programmes as priorities require, reviewing architecture and design artefacts, conducting threat modelling and risk assessments, and providing practical, proportionate security guidance to programme architects, delivery teams and suppliers. The role operates in support of, and under the direction of, the Security Architecture Lead within the team.


The role requires current, hands-on security architecture experience. The post holder will spend the majority of their time on technical review and design validation work across programmes, rather than leading programme-level governance forums.


The CISO Security Architecture Team provides independent security architecture assurance across a portfolio of national digital health programmes and large-scale technology projects. Current and forthcoming programmes drawing on the team include:


National Shared Care Record (NSCR) – integrated access to healthcare information
App – citizen-facing digital health services.
Other large-scale, complex digital health, cloud and infrastructure programmes
Supporting a Secure Procurement process.


The team acts as an independent security assurance function, maintaining separation of concerns from programme-embedded enterprise architecture roles, and supports the clients obligations under NIS2, GDPR, the Cyber Resilience Act (CRA) and related regulatory frameworks.


Key Responsibilities


Architecture Review & Design Input


Review proposed architectures, designs and supplier solutions across assigned programmes to confirm that security requirements, risks and controls are appropriately addressed.


Conduct structured security architecture reviews of solution designs, integrations and architectural artefacts, providing written and verbal findings.


Produce clear, practical security architecture recommendations to support secure design and implementation decisions.


Support the development of secure high-level and low-level designs for applications, cloud services, infrastructure, integrations and identity-related solutions.


Risk & Threat Analysis


Conduct threat modelling, vulnerability analysis and technical risk assessments across programme systems, supplier dependencies and integrations.


Identify security risks, design weaknesses and control gaps, and recommend proportionate mitigation measures.


Monitor the relevant threat landscape and advise on actions required to maintain a defensible security posture.


Support CISO Governance, Risk and Controls teams as a technical SME as required.


Secure Procurement & Assurance


Support secure procurement activities across assigned programmes, including development of security requirements and evaluation criteria for tenders.


Provide SME input into Procurement Evaluation Groups (PEGs) and technical evaluation panels.


Support Request for Specific Approval (RSA) reviews and formal responses where required.


Define and review penetration testing scopes, liaise with vendors, and analyse results.
Standards, Patterns & Compliance


Contribute to and maintain security architecture standards, design principles, reference patterns and supporting guidance for use across programmes.


Support compliance with the NIS2 Directive, Cyber Resilience Act (CRA), GDPR, Data Protection Act 2018, ISO 27001, NIST CSF and HSE cyber security policy.


Stakeholder Engagement


Work closely with programme architects, delivery teams, Information Asset Owners and suppliers to embed security into design and delivery.


Explain technical security findings clearly to both technical and non-technical stakeholders.


Contribute security findings and recommendations to programme governance forums and design authorities as required, in a supporting and assurance capacity.


Work collaboratively with senior colleagues within the Security Architecture Team, escalating material risks and design concerns as appropriate.


Documentation & Continuous Improvement


Maintain accurate security architecture documentation, review records and risk registers.


Support internal and external audits by providing evidence and contributing to remediation plans.


Contribute to continuous improvement of security architecture standards and assurance methods across the team.
 
Required Skills and Experience


Significant current, hands-on experience in security architecture, cyber security engineering or solution architecture (not solely GRC or assurance oversight).


Demonstrable recent experience reviewing and advising on security architecture for complex digital, cloud or integration-heavy solutions.


Experience producing technical security artefacts: threat models, risk assessments, design reviews, architecture patterns.


Strong working knowledge of NIS2, ISO 27001, NIST CSF and GDPR (or equivalent regulatory frameworks).


Experience with cloud and hybrid security architecture (Azure and/or AWS), identity and access management, and network security design.


Ability to work across multiple concurrent programmes and re-prioritise as demands change.
Strong written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.


Desirable Skills, Experience and Qualifications


Experience in security architecture or assurance for healthcare, digital health or other critical national infrastructure programmes.


Familiarity with health interoperability standards: HL7 FHIR, HL7 v2, IHE profiles, openEHR.


Experience embedding security into DevSecOps and secure-by-design software delivery pipelines.


Practical experience with relevant tooling: threat modelling tools (e.g. Microsoft Threat Modeling Tool, OWASP Threat Dragon), vulnerability scanning (e.g. Nessus), SIEM platforms, Azure AD/Entra ID, ServiceNow GRC, Visio or equivalent.
Relevant professional certification (e.g. CISSP, CISM, SABSA, TOGAF, CCSP, AZ-305) advantageous.


Experience in the Irish healthcare or public sector environment.
 
PFH Technology, owned by Ricoh – a Japanese based global ICT company, is a premier provider of end-to-end ICT solutions and a managed services portfolio scaling from SMEs to large Enterprise organisations. We have unrivalled vendor relationships. We can procure, design, deploy and support all your ICT needs. Our ISO certified Custodian™ Cloud Services and Custodian™ Managed Services provide the technology and expertise to mitigate risk and reduce your costs immediately. We have a nationwide network of over 750 dedicated professionals, ready to meet your ICT needs, with offices in Dublin, Cork and Galway.

We are an equal opportunity employer and value diversity at PFH. We do not discriminate on the basis of age, disability, civil or family status, gender, gender identity or expression, sexual orientation, race, religion, or any other legally protected status.
We are committed to ensuring that individuals with disabilities or access needs are provided with reasonable accommodation during the recruitment process, to perform essential job functions, and to access the full benefits of employment. Please contact us if you require accommodation at any stage

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Security Architect

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified