Global Security Architect en Crawford & Company Australia Pty Ltd

•Define and guide the implementation of security architectures and engineering standards for our global cloud environments (AWS, Azure,ADO), ensuring a consistent and robust security posture.
• Collaborate closely with Development, Operations, Enterprise Architecture, and Security teams to ensure the security strategy and architecture are tightly aligned with business objectives, security frameworks, and regulatory requirements.
• Actively contributes to technical security discussions and working groups, championing security best practices and architectural patterns across cloud,on-premises, and end-user computing.
•Architect, implement, and maintain secure cloud infrastructure, security services, and security applications, leveraging automation tools and security frameworks (e.g., Terraform, Snyk, AppCheck, security-as-code).
• Proactively monitor and troubleshoot cloud security performance, availability, and security incidents, utilizing security-focused tools and metrics (e.g., cloud security monitoring platforms, SIEM integrations).
• Optimize and enhance the security, resilience, scalability, and cost effectiveness of cloud environments through secure design principles,
security controls, and best practices.
• Champion the security vision, strategy, policies, and capability for cloud and other IT domains with Corporate and Business IT leadership, ensuring security is a key enabler.
• Collaborate with Corporate and Business IT leadership and trusted partners to define the long-term strategic direction for cloud security services, best practices, and the adoption of secure cloud architecture. (Emphasizes strategic security direction)
• Define and maintain security-focused SLAs with partners and vendors providing security services or impacting our security posture.
• Work closely with all IT teams to ensure consistent adherence to all organizational and regulatory security requirements across cloud, on premises, and end-user computing.
• Help the organization identify, review, and securely implement new IT solutions, ensuring security is a primary consideration throughout the solution lifecycle.
• Lead efforts to proactively protect the organization from threat actors by architecting secure solutions, ensuring adherence to agreed security policies and frameworks, and actively identifying and mitigating potential attack vectors across all IT environments. (Stronger emphasis on threat protection and proactive security)
• Establish and maintain project and production schedules for security-related initiatives and deployments within cloud and other IT domains.

•Bachelor’s degree in information systems/technology or educational equivalent, or relevant combination of education and work experience.
•3+ years of demonstrable experience in security architecture and engineering, with significant expertise in securing either AWS or Azure environments (preferably both).
•Extensive knowledge and demonstrable experience in designing, deploying, and supporting secure AWS and/or Azure cloud environments, with a strong understanding of cloud security best practices and native security services.
• Proven ability to utilize Infrastructure-as-Code (IaC) tools like Terraform to implement and manage secure cloud infrastructure and security configurations.
• Solid understanding of secure CI/CD pipelines and security integration within Azure DevOps (or similar platforms), with tools such as Snyk, AppCheck and Wiz.
• Proficiency in security-focused system analysis methods and techniques, including threat modeling and risk assessment.
• Strong understanding of secure networking principles and technologies, especially as they relate to cloud deployments, including network segmentation, firewalling, and secure connectivity options.
• Ability to articulate complex security concepts and architectures clearly and simply to both technical and non-technical stakeholders.
• Demonstrated ability to collaborate effectively with multi-disciplined teams (e.g., application developers, DevOps engineers, infrastructure engineers) to integrate security seamlessly into their workflows.
• Proficiency in analyzing workflows and security requirements to effectively define security tasks, delegate responsibilities, and ensure security targets are met.
• Expertise in identifying, assessing, and articulating potential security attack vectors and recommending appropriate mitigation strategies across diverse IT environments.
• In-depth understanding of security best practices, frameworks (e.g., NIST CSF, CIS Benchmarks), and compliance standards (e.g., ISO 27001, SOC 2, GDPR)
• Experience in evaluating and implementing new and emerging security technologies and practices to enhance the organization's security posture.
Contributing to the development and evolution of Crawford’s security strategy, including service selection/adoption and migration plans.
• Defining and enforcing security architecture standards, patterns and best practices to ensure consistency, scalability and security.
• Prioritizing and coordinating the efforts of the global cloud team to align with business objectives and project deadlines.
• Establishing and managing relationships with cloud providers and other technology vendors to ensure optimal service levels and cost-efficiency.
• Identifying and addressing potential risks and vulnerabilities related to cloud infrastructure, security and compliance.
•AWS and/or Azure certification is preferred but not required.

#LI-DV1

• Pay and incentive plans that recognize performance excellence
• Benefit programs that empower financial, physical, and mental wellness
• Training programs that promote continuous learning and career progression while enhancing job performance
• Sustainability programs that give back to the communities in which we live and work
• A culture of respect, collaboration, entrepreneurial spirit and inclusion