Cybersecurity Architect
Our client is rapidly transforming our organization to deliver great gaming experiences through digital, retail lottery, and land-based gaming channels. Over the course of fiscal 2022-23, we delivered a record $2.5 billion in net profit. They are now expanding our horizons further with a new strategic direction to become a world-class gaming entertainment leader with a globally admired digital platform.
They are ready to take this game to the next level and need a passionate Cybersecurity Architect to proactively and holistically identify and lead the development of Enterprise Cybersecurity transformation and optimization initiatives. This role is accountable for the creation of the Enterprise Cybersecurity Architecture and Roadmap, which includes architectural views, business capability maps, reference models, technology blueprints, and cybersecurity patterns. The Cybersecurity Architect guides enterprise leaders, product managers, product owners, and product delivery teams across the organization to achieve business outcomes related to growing revenue, optimizing costs, mitigating risks, and improving sustainability. The Cybersecurity Architect also incorporates Business and Application Architecture Domains to ensure alignment between business strategies and the Enterprise cybersecurity posture.
YOUR ROLE
Reporting to the VP, Cyber and Information Security, you will be empowered to:
-
Lead the development of the Cybersecurity Architecture, Roadmap, strategy, and design, including policies, procedures, and standards. Translate business strategies and proactively identify innovation opportunities, building, executing, and iterating a target-state integrated system architecture clearly aligned to the overall Enterprise Architecture & Roadmap, business, technology, and threat drivers exceeding customers’ security and privacy expectations.
-
Lead the analysis of the enterprise cybersecurity and future state security capabilities, developing strategic blueprints for security technology. Proactively identify and assist the organization in responding to disruptive forces, identifying key value drivers, critical deficiencies, gaps, and opportunities for inclusion in Enterprise Architecture future-state artifacts.
-
Develop and implement Cybersecurity Architecture governance, product, and capabilities, including standard definition, tool rationalization, methodologies, actionable security design patterns, and policies. Provide service and operational support for third-party service providers in a consistent manner to drive enterprise security standards, policies, and processes while ensuring regulatory compliance.
-
Lead and facilitate interactions across the organization, service providers, and key strategic enablers in business-driven conversations regarding the risks and implications of the Cybersecurity Architecture & Roadmap. Enhance security posture and awareness by providing consultative advice, adapted to stakeholder context, to business leaders and organizational stakeholders seeking actionable recommendations to make technology investment decisions.
-
Support portfolio modernization and develop roadmaps to maintain the alignment, integration, and coordination of architecture activities across different programs, projects, and products as they evolve over time.
-
Collaborate with all delivery teams (Digital Labs, Product Squads, EIM, Chapter Leads, etc.) to ensure consistency with the enterprise architecture and leverage shared technologies, tools, and processes that impact speed to value and time to market.
-
Develop and maintain security design and documentation, including the definition of design patterns at the system and subsystem levels. Address security concerns related to management, access control, and data protection, which can be leveraged by delivery teams, including product squads and Infrastructure and Cloud Services, while ensuring regulatory compliance and alignment with Enterprise Architecture.
-
Oversee the research, planning, and design of security architecture for IT systems across the enterprise. Develop and manage the Cyber and Information Security technology roadmaps, plans, and related budgets.
-
Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
-
Stay up to date on current security news, trends, and alerts, and plan accordingly to protect the organization against emerging threats. Provide guidance and content expertise on industry best practices, current trends, and topics relevant to information security strategy and practices.
-
Lead and provide advice to security awareness and training initiatives to educate employees on security standards and promote a proactive culture of security within the organization.
-
Inspire, motivate, and empower people to achieve organizational goals. Coach, mentor, and manage employee experience and performance through thoughtful preparation. Create space for others to lead. Demonstrate strength in leadership competencies.
-
Effectively facilitate information sharing and ideation and create an inclusive environment where diversity of thought is celebrated and teams feel empowered to participate and contribute freely in support of the organization’s culture, strategy, and ways of working.
-
WHAT YOU NEED TO PLAY
Education & Knowledge:
-
Post-secondary degree, preferably in an information technology, cybersecurity, or related field.
-
Proven understanding of enterprise architecture and experience in developing new architecture systems.
-
Experience:
-
Minimum of ten (10) years of experience in progressively advancing roles within Technology or a related function.
-
Minimum of five (5) years of Security Architect experience.
-
Minimum of ten (10) years of experience as an Enterprise Architect or related role.
-
Proven experience developing and implementing business and application architectures within a technology function.
-
Critical Skills:
-
Analytical thinking and problem-solving skills with an ability to negotiate and trade-off technology options against goals and cost.
-
Ability to deal with both abstract and concrete concepts and reconcile and translate them for the appropriate audience.
-
Ability to maintain both a strategic long-term outlook and enterprise perspective while supporting tangible, business-driven, and IT-delivered solutions.
-
Quickly understand organizational dynamics and work effectively in a fast-paced, results-driven company.
-
Strong ability to work in ambiguity and collaboratively bring clarity to resolve problems.
-
Demonstrated ability to interpret business needs at tactical and strategic levels.
-
Highly organized with the ability to assist business and technology stakeholders in governance processes.
-
Strong ability to combine business and technical thinking.
-
Exceptional communication skills, with the ability to collaborate across cross-functional teams, translate complex cybersecurity concepts into clear, actionable insights for non-technical stakeholders, and ensure precise, comprehensive documentation to support security protocols and compliance.
-
Negotiation and Influence:
-
Ability to negotiate and influence effectively while being open to perspectives and maintaining strong relationships.
-
Strategic Thinker:
-
Strong strategic and critical thinker with the ability to find creative solutions to unique challenges.
-
Collaboration & Fun:
-
Inclusive and collaborative work style while creating fun and excitement in our work.
-
Integrity and Trust:
-
Do what’s right and operate with transparency and openness.
-
Licenses, Registrations, Certificates:
-
AGCO Category 1 Gaming Assistant Registration (initiated at offer stage — employment is conditional upon obtaining and maintaining this license).
-
Advanced certification in security (CISSP), risk management (CRISC), and/or Certified Information Security Manager (CISM) and/or other security certifications.
-
Knowledge and experience with industry standards, including PCI DSS, ISO 27001, SOC2, and NIST framework.
-
Knowledge of tools, techniques, and processes around information security architecture, technologies, security management, security administration, data privacy, computer forensics, penetration testing, business continuity planning, vulnerability assessment, firewall management, network and internet security, and computer network defense.
-
Experience collaborating with product owners and delivery teams to define, design, and deliver roadmaps and architecture patterns, including experience with architecture runways.
-
Knowledge of architecture development methodology (ADM) and TOGAF is preferred (Zachman and others will be considered).
-
Knowledge of information technology environments, including cybersecurity, encryption methods, and privacy-based solutions.
-
Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology.
-
Experience reviewing application code for security vulnerabilities and using vulnerability management tools.
-
Experience securing CI/CD pipelines and automation systems.
-
Documented experience and a strong working knowledge of conducting threat-modeling exercises on new applications and services.
-
Full-stack knowledge of IT infrastructure (applications, databases, operating systems — Windows, Unix, Linux and OpenVMS, virtualization hypervisors, IP networks — WAN and LAN, storage networks, containers – Docker/Kubernetes).
-
Experience designing IAM technologies and services.