Senior Manager (Secure by Design)

Directs Secure by Design (SbD) assessments across multiple projects simultaneously to ensure process abidance and thorough security integration.Leads the development of SbD principles and controls to align organizational design practices with risk appetite and security frameworks.Chairs security architecture governance forums to review high-risk designs and approve necessary exceptions or enhancements.Evaluates new service proposals and existing systems to identify architectural weaknesses and support cost-effective risk treatment decisions.Establishes a continuous remediation program for existing services to identify and prioritize the closure of security design gaps.Collaborates with engineering and DevOps teams throughout the SDLC to integrate security patterns and ensure remediation plans are actionable.Defines and evolves secure design standards and reference architectures to maintain alignment with ISO 27001, NIST, and PCI DSS requirements.Communicates security expectations and residual risk exposures to technical and non-technical stakeholders to drive informed business decisions.Produces comprehensive reporting on design-related vulnerability trends to provide leadership with visibility into the security design posture.Mentors architecture and engineering teams on secure design best practices to promote security adoption within Agile and DevOps environments.SkillsINTERPERSONAL SKILLS • Demonstrated leadership in steering cross-functional teams and influencing without direct authority. • Effective coach and mentor for teams in adopting secure-by-design principles. • Strong risk analysis, problem-solving and decision-making skills. • Excellent communication skills to articulate complex security topics to varied audiences. • Proven ability to build trust and collaborate with stakeholders across business and technology domains.TECHNICAL SKILLS • Deep understanding of security principles, secure architecture patterns, secure network design, threat modelling techniques, and system design. • Knowledge of modern technology stacks including cloud platforms, APIs, microservices, identity and access management, and secure development practices. • Experience managing security initiatives at scale, including tracking delivery, dependencies and risk mitigation outcomes • Capability to assess complex architectures and distil clear, actionable security recommendations. • Ability to translate business strategy into a security design roadmap and priorities. • Strong understanding of evolving threat landscapes and emerging technologies. • Professional certifications such as CISSP, CCSP, SABSA, TOGAF, or relevant cloud security/architecture certifications. PROFESSIONAL EXPERIENCE • +10 years of experience in Cybersecurity or secure architecture roles, including significant experience with security design and remediation MANAGEMENT EXPERIENCE • +5 years EDUCATIONAL BACKGROUND • Bachelor’s degree in Cyber Security, Computer Science, Information Technology or related field. • Relevant certifications may include: o CISSP – Certified Information Systems Security Professional o CISM – Certified Information Security Manager o CRISC – Certified in Risk and Information Systems Control o CISA – Certified Information Systems Auditor o ISO 27001 Lead Implementer or Lead Auditor