Please mention DailyRemote when applying
Cyber Security Architect
PFH Technology Group are currently recruiting for a Cyber Security Architect to work with our client.
Role Overview
The Cyber Security Architect will work alongside senior architecture colleagues to provide security architecture review, threat modelling and assurance input across multiple national and large-scale and other complex digital health and infrastructure initiatives.
This is a generalist, delivery-facing role. Rather than being aligned to a single programme, the post holder will flex across a portfolio of active programmes as priorities require, reviewing architecture and design artefacts, conducting threat modelling and risk assessments, and providing practical, proportionate security guidance to programme architects, delivery teams and suppliers. The role operates in support of, and under the direction of, the Security Architecture Lead within the team.
The role requires current, hands-on security architecture experience. The post holder will spend the majority of their time on technical review and design validation work across programmes, rather than leading programme-level governance forums.
The CISO Security Architecture Team provides independent security architecture assurance across a portfolio of national digital health programmes and large-scale technology projects. Current and forthcoming programmes drawing on the team include:
National Shared Care Record (NSCR) – integrated access to healthcare information
App – citizen-facing digital health services.
Other large-scale, complex digital health, cloud and infrastructure programmes
Supporting a Secure Procurement process.
The team acts as an independent security assurance function, maintaining separation of concerns from programme-embedded enterprise architecture roles, and supports the clients obligations under NIS2, GDPR, the Cyber Resilience Act (CRA) and related regulatory frameworks.
Key Responsibilities
Architecture Review & Design Input
Review proposed architectures, designs and supplier solutions across assigned programmes to confirm that security requirements, risks and controls are appropriately addressed.
Conduct structured security architecture reviews of solution designs, integrations and architectural artefacts, providing written and verbal findings.
Produce clear, practical security architecture recommendations to support secure design and implementation decisions.
Support the development of secure high-level and low-level designs for applications, cloud services, infrastructure, integrations and identity-related solutions.
Risk & Threat Analysis
Conduct threat modelling, vulnerability analysis and technical risk assessments across programme systems, supplier dependencies and integrations.
Identify security risks, design weaknesses and control gaps, and recommend proportionate mitigation measures.
Monitor the relevant threat landscape and advise on actions required to maintain a defensible security posture.
Support CISO Governance, Risk and Controls teams as a technical SME as required.
Secure Procurement & Assurance
Support secure procurement activities across assigned programmes, including development of security requirements and evaluation criteria for tenders.
Provide SME input into Procurement Evaluation Groups (PEGs) and technical evaluation panels.
Support Request for Specific Approval (RSA) reviews and formal responses where required.
Define and review penetration testing scopes, liaise with vendors, and analyse results.
Standards, Patterns & Compliance
Contribute to and maintain security architecture standards, design principles, reference patterns and supporting guidance for use across programmes.
Support compliance with the NIS2 Directive, Cyber Resilience Act (CRA), GDPR, Data Protection Act 2018, ISO 27001, NIST CSF and HSE cyber security policy.
Stakeholder Engagement
Work closely with programme architects, delivery teams, Information Asset Owners and suppliers to embed security into design and delivery.
Explain technical security findings clearly to both technical and non-technical stakeholders.
Contribute security findings and recommendations to programme governance forums and design authorities as required, in a supporting and assurance capacity.
Work collaboratively with senior colleagues within the Security Architecture Team, escalating material risks and design concerns as appropriate.
Documentation & Continuous Improvement
Maintain accurate security architecture documentation, review records and risk registers.
Support internal and external audits by providing evidence and contributing to remediation plans.
Contribute to continuous improvement of security architecture standards and assurance methods across the team.
Required Skills and Experience
Significant current, hands-on experience in security architecture, cyber security engineering or solution architecture (not solely GRC or assurance oversight).
Demonstrable recent experience reviewing and advising on security architecture for complex digital, cloud or integration-heavy solutions.
Experience producing technical security artefacts: threat models, risk assessments, design reviews, architecture patterns.
Strong working knowledge of NIS2, ISO 27001, NIST CSF and GDPR (or equivalent regulatory frameworks).
Experience with cloud and hybrid security architecture (Azure and/or AWS), identity and access management, and network security design.
Ability to work across multiple concurrent programmes and re-prioritise as demands change.
Strong written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.
Desirable Skills, Experience and Qualifications
Experience in security architecture or assurance for healthcare, digital health or other critical national infrastructure programmes.
Familiarity with health interoperability standards: HL7 FHIR, HL7 v2, IHE profiles, openEHR.
Experience embedding security into DevSecOps and secure-by-design software delivery pipelines.
Practical experience with relevant tooling: threat modelling tools (e.g. Microsoft Threat Modeling Tool, OWASP Threat Dragon), vulnerability scanning (e.g. Nessus), SIEM platforms, Azure AD/Entra ID, ServiceNow GRC, Visio or equivalent.
Relevant professional certification (e.g. CISSP, CISM, SABSA, TOGAF, CCSP, AZ-305) advantageous.
Experience in the Irish healthcare or public sector environment.
PFH Technology, owned by Ricoh – a Japanese based global ICT company, is a premier provider of end-to-end ICT solutions and a managed services portfolio scaling from SMEs to large Enterprise organisations. We have unrivalled vendor relationships. We can procure, design, deploy and support all your ICT needs. Our ISO certified Custodian™ Cloud Services and Custodian™ Managed Services provide the technology and expertise to mitigate risk and reduce your costs immediately. We have a nationwide network of over 750 dedicated professionals, ready to meet your ICT needs, with offices in Dublin, Cork and Galway.
We are an equal opportunity employer and value diversity at PFH. We do not discriminate on the basis of age, disability, civil or family status, gender, gender identity or expression, sexual orientation, race, religion, or any other legally protected status.
We are committed to ensuring that individuals with disabilities or access needs are provided with reasonable accommodation during the recruitment process, to perform essential job functions, and to access the full benefits of employment. Please contact us if you require accommodation at any stage
Stop the endless job search. Our AI finds and applies to the best jobs for you.
Discover remote opportunities in Security Architect
Answer easy questions
200,000+ jobs across 15+ categories
Get your best job matches
Only hand-screened, legit jobs
Find a remote job faster
No ads, scams, or junk
“ I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!