Security Architect - Global Enterprise (based in MY)
Kuala Lumpur
Tetap
Sepenuh masa
20 hari lepas
Security Architect - Global Enterprise (role based in Malaysia) We are representing a global enterprise with a strong technology and innovation mandate. The organization operates at scale across multiple regions, with complex business environments and highly interconnected technology ecosystems. They are investing heavily in building secure, resilient, and future-ready platforms - and are seeking a Security Architect who can be both a visionary and a hands-on problem solver. This is not a maintenance role - it's an opportunity to influence enterprise-wide architecture decisions, shape security strategy, and introduce forward-looking technologies into production. You will be working in a high-trust environment with direct access to senior decision-makers, leading security innovation that impacts millions of end users worldwide. What You'll Do Own and evolve the enterprise security architecture principles, ensuring they are practical, adaptable, and future-proof. Create reusable reference architectures, blueprints, and security design patterns to accelerate secure delivery. Embed security into solution designs early, influencing both technical direction and business decisions. Partner with engineering, product, and infrastructure teams to integrate modern security practices like zero trust, cloud-native security, and DevSecOps pipelines. Identify and assess emerging technologies (e.g., AI-driven security tooling, advanced identity solutions), conducting POCs and recommending adoption strategies. Balance risk management with innovation, ensuring compliance while enabling agility. Provide a trusted voice to leadership on evolving threats, regulatory shifts, and security capabilities. What We're Looking For Significant experience (12+ years) in IT security, with a strong record in architecture, cloud transformation, and secure system design. Deep familiarity with frameworks such as NIST, MITRE ATT&CK/DEFEND, ISO 27000, and practical regulatory compliance. Proven ability to communicate complex security topics to senior stakeholders in plain business terms. Hands-on proficiency in areas like containerization, cloud-native architecture, IAM, and application security. Experience with secure development, DevSecOps tooling, and CI/CD integration. Scripting capability in Python, Bash, or PowerShell for automation and proof-of-concept work. Track record of operating in large, complex organizations with global reach. Preferred Credentials CISSP, CCSP, or equivalent senior-level certifications. Offensive or penetration testing credentials (OSCP, OSWE, GIAC GWAPT, GPEN) are highly regarded. Cloud platform certifications and Kubernetes credentials (CKA, CKS). Why This Role Is Different Global scale: Your work will span multiple geographies, business lines, and technology stacks. Direct influence: You'll work closely with senior leaders to shape enterprise security strategy. Technology runway: Access to modern platforms and a budget to trial emerging tools and architectures. Hybrid remit: Strategic vision and tactical execution - you'll architect and also get hands-on where it matters. Show more Show less