Information Security Architect

Meet Unit4—a fast-paced, game-changing SaaS company revolutionising ERP for scale-ups, mid-market organizations, and category leaders. For 40 years, the ERP industry has been bogged down by clunky, legacy systems, and Unit4 is here to shake things up. Unit4 empowers ambitious businesses with cutting-edge ERP solutions that are adaptive, intuitive, and self-driving—designed to free organizations from the mundane and help them focus on what truly matters.

Essential Experience:

• 7–10+ years’ experience in IT or cybersecurity, with at least 3 years in a dedicated security architecture role.
• Relevant industry certifications (e.g., CISSP, Microsoft Certified: Cyber security Architect Expert (SC-100), Azure Security Engineer (AZ-500)).
• Proven experience designing large-scale, secure enterprise solutions in complex organisations.
• Deep technical expertise across cloud (Azure required), identity, network, endpoint, SaaS, and modern enterprise architectures.
• Strong hands-on knowledge of Microsoft security technologies (Defender XDR, Defender for Cloud, Conditional Access, Entra ID governance, PIM, etc.).
• Demonstrated experience delivering Zero Trust concepts in production environments.
• Strong understanding of DevSecOps principles and automation tooling.
• Ability to clearly articulate security risks and solutions to engineering teams and executive stakeholders.

Desirable Experience:

• Knowledge of major frameworks (NIST, ISO27001, SOC reporting, CIS, MITRE ATT&CK, CSA CCM).
• Experience with IaC tools (Terraform, Bicep) and scripting languages (PowerShell, Python).
• Experience designing scalable architectures for hybrid or multi-cloud environments.
• Prior experience in large enterprises, SaaS providers, or regulated sectors.

Soft Skills:

• Strong consulting-style capability: facilitation, stakeholder engagement, and outcome-based delivery.
• Comfortable operating in ambiguous environments and simplifying complexity.
• Ability to operate independently, managing multiple projects and driving technical decisions.
• Strategic thinker able to connect long-term goals with short-term action.
• Collaborative and credible across cross-functional teams.
• Passionate about security, innovation, and helping the organisation grow securely.

Enterprise Security Architecture:

• Lead the security target-state architecture and multi-year roadmap, aligning risk reduction and business outcomes; socialize trade-offs with CISO/CTO/CIO leadership.
• Lead enterprise architecture assessments across multiple environments including Cloud (Azure) security and network infrastructure, identity & access management, endpoint protection, CI/CD pipelines, SOC/SIEM capabilities, security governance, and platform security.
• Partner closely with Cloud Ops, Internal IT, and Product Architecture to ensure security is designed into enterprise platforms and product roadmaps.
• Develop security strategies, roadmaps, reference architectures, and patterns aligned to Unit4’s security vision.
• Design and implement layered enterprise security architectures ensuring defence-in-depth and resilience.
• Act as a senior architectural authority providing viewpoints on security principles, technologies, and patterns.
• Ensure architectural decisions incorporate regulatory, customer, and audit requirements (ISO/IEC 27001, SOC reporting, BSI C5, NIST, CIS Benchmarks, MITRE ATT&CK, CSA CCM).
• Partner with IT and CloudOps to embed security controls and influence technology decisions.
• Engage with senior stakeholders to shape cyber direction and ensure architectural consistency.

Cloud & Infrastructure Security:

• Secure architecture for multi-cloud environments (Azure primary; awareness of AWS/GCP) across networking, compute, data, containers, and serverless.
• Collaborate on security design, engineering, and implementation within Microsoft 365 and Entra ID ecosystems.
• Act as subject matter expert for Microsoft security tooling including Defender XDR, Defender for Cloud, Azure Policy, Endpoint management, and Conditional Access.
• Implement cloud-native architectures leveraging existing and emerging frameworks.
• Build secure designs with Zero Trust for hybrid working, micro-segmentation, identity-centric access, private connectivity, and policy-as-code guardrails.
• Evaluate new cloud services to identify and mitigate risks before adoption.

Cloud Operations and Product:

• Ensure security controls are integrated into CI/CD pipelines and DevSecOps practices.
• Collaborate on security design for workloads deployed on Microsoft Azure ensuring alignment with corporate security policy and regulatory requirements.
• Act as SME for Azure's native security tooling including Microsoft Defender for Cloud, Azure Policy, and Azure Network Security.
• Develop secure reference architectures for Azure cloud services covering networking, container platforms, compute, and storage & data services.
• Mature security by design in Product, implementing compliance checks into pipeline and architecture review.
• Contribute security non-functional requirements, reference patterns, and threat models to Product roadmaps.

Thought Leadership & Capability Building:

• Contribute to enterprise blueprints, playbooks, and whitepapers to mature architectural practice.
• Support development of Unit4’s secure culture and uplift security knowledge across technical teams.
• Serve as a trusted advisor articulating complex security concepts and risks to technical and non-technical audiences.

This role may require security clearance for customer projects and access to sensitive customer data. Background checks may be requested after offer acceptance, including criminal record declaration, right to work, personal identification, and work history, subject to local laws and privacy regulations.