About the Company
Our client is an innovative government organisation operating within the utilities sector.
About the Role
As the Security Architect, you’ll provide expert guidance across cloud platforms, SaaS environments, corporate systems, and renewable energy operational assets. You’ll uplift security maturity, strengthen cyber resilience, and embed secure design principles across a rapidly evolving technology and operational landscape.
This is a hands‑on, delivery‑focused role working across IT, OT and cloud—ideal for someone who thrives in dynamic, high‑impact environments.
Key responsibilities:
Security Architecture
- Maintain an end‑to‑end security architecture view across IT, OT and interconnected platforms including DERMS/VPP, cloud services and renewable generation assets.
- Define clear guardrails, reusable patterns and non‑negotiables to ensure safe, secure delivery across projects and vendors.
- Produce conceptual and high‑level security designs aligned to business and operational requirements.
- Advise on IT/OT architectures including SCADA/ICS components and secure design considerations.
OT Cyber Security
- Design and operationalise OT cyber controls for solar, wind, BESS and hybrid sites.
- Develop secure patterns for SCADA, BMS/EMS integrations, dispatch paths, remote access and vendor support models.
- Identify OT security gaps, lead remediation, and embed pragmatic compensating controls where needed.
Standards, Governance & Assurance
- Develop and maintain security standards, reference architectures and patterns.
- Provide security design assurance, review vendor designs, and escalate residual risks appropriately.
- Conduct security assurance across delivery cycles including requirements, design, validation and go‑live readiness.
- Apply frameworks such as AESCSF, NIST and ISO 62443 pragmatically within projects.
Identity & Access Management
- Improve joiner/mover/leaver processes, access governance and auditability.
- Lead adoption of MFA, SSO/federation and privileged access management.
- Define secure remote access pathways for vendors and OT environments.
Threat Modelling & Zero Trust
- Embed threat modelling across cloud, IT and OT projects.
- Apply Zero Trust principles in a practical, operationally realistic manner.
Threat & Vulnerability Management
- Establish consistent vulnerability management across IT, SaaS, cloud and OT.
- Work with internal teams and vendors on patching constraints, posture drift and upgrade planning.
Cloud Security
- Provide hands‑on cloud security architecture guidance across monitoring, segmentation, encryption, CI/CD pipelines, secrets management and detection/response integration.
About You
- 10+ years in technology roles, including 5+ years in security architecture or senior security engineering.
- Strong experience defining security guardrails, patterns and influencing delivery outcomes.
- Practical experience implementing threat modelling and Zero Trust.
- Strong IAM experience (SSO, MFA, PAM, third‑party access).
- Hands‑on cloud security architecture experience (Azure/AWS).
- Deep understanding of AESCSF and ability to translate frameworks into actionable controls and evidence.
- Experience working with Australian regulatory and assurance environments (e.g., SOCI Act).
- Ability to operate in fast‑paced environments and build strong stakeholder relationships.
- Exposure to OT/ICS/SCADA environments and security principles.
- Experience with ISO 62443 or NIST ICS standards (Advantageous).
- Cloud security certifications (AWS/Azure) (Advantageous).
- Relevant certifications such as CISSP, SABSA or CISM.
The Benefits
- Healthy salary package
- Opportunity to take ownership and drive delivery
- Chance to work in the renewable energy space
- Hybrid working arrangements
Please apply with a current resume in Microsoft Word format only (.doc or .docx). If you would like to have a confidential discussion, please contact Maaz Mian on Maaz.Mian@Davidsonwp.com, quoting reference JN -012026-42291. Want to know more about Davidson? Visit us at www.davidsonwp.com


