Senior Lead Consultant - Security Architecture & Risk Assessment

Job Summary:

We are looking for a seasoned Senior Lead Consultant - Security Architecture & Risk Assessment to guide the development and assessment of secure enterprise architectures, with a strong focus on identifying and mitigating technology and cyber risks. This role is responsible for designing and reviewing security architectures, conducting risk assessments, and advising clients or internal stakeholders on security strategies that align with business and regulatory requirements.

This position is ideal for professionals with deep expertise in security frameworks, architectural review, and risk advisory across cloud and on-prem environments.

Key Responsibilities:

• Lead the design and evaluation of security architectures for applications, infrastructure, and enterprise systems.
• Perform risk assessments and threat modeling to identify vulnerabilities and recommend mitigation strategies.
• Collaborate with solution architects, developers, and infrastructure teams to ensure secure-by-design principles are embedded across projects.
• Review cloud and hybrid security implementations across platforms such as AWS, Azure, or GCP.
• Evaluate and enhance security controls and architectures based on industry standards (e.g., NIST, ISO 27001, CIS, Zero Trust).
• Provide consultative support during audits, compliance reviews, and risk management initiatives.
• Document and present architecture decisions, risk assessments, and remediation recommendations to technical and non-technical stakeholders.
• Mentor junior consultants and support the development of reusable templates, methodologies, and security architecture standards.

Qualifications:

• Bachelors degree in Computer Science, Information Security, Engineering, or related field.
• 8-12 years of experience in cybersecurity, risk management, or enterprise architecture roles, with at least 3 years in a lead or advisory capacity.
• Proven experience designing or reviewing secure architectures in cloud, hybrid, or on-premise environments.
• Strong knowledge of security frameworks and methodologies such as NIST CSF, ISO 27001, SABSA, or TOGAF.
• Experience conducting technical risk assessments and implementing mitigation plans.
• Solid understanding of IAM, network security, data protection, and application security principles.
• Excellent communication and stakeholder engagement skills, with the ability to lead conversations with technical and executive audiences.

Preferred Certifications:

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• AWS/Azure Security Specialty or Architect certifications
• CRISC, SABSA, or other enterprise architecture/risk credentials