Manager – Cybersecurity Architecture & Engineering

Role Summary

This leadership position is responsible for shaping and running NHC’s cybersecurity architecture and engineering capability. The role focuses on building secure systems and applications, strengthening cryptographic key management, and ensuring cloud and hosting environments are protected. It also provides expert guidance to stakeholders, oversees security solution architecture, and manages cybersecurity service delivery to safeguard NHC’s information assets and support business priorities.

Reporting Line and Team Scope

The role reports to the Cybersecurity Director (CISO) and supervises members of the Enterprise Security Architecture team and the Cybersecurity Engineering team.

Key Responsibilities

• Offer specialist cybersecurity advice to internal teams and external partners.
• Make sure security architecture and cybersecurity plans are aligned with business needs.
• Carry out cybersecurity reviews and recommend practical enhancements.
• Oversee cybersecurity service delivery in line with organizational standards and compliance obligations.
• Track service-level agreements and ensure cybersecurity issues are resolved within expected timelines.
• Measure, monitor, and communicate cybersecurity service performance.
• Direct the design and rollout of secure architecture for applications and enterprise systems.
• Ensure security solutions are robust, scalable, resilient, and consistent with recognized best practices.
• Embed security controls into the software and systems development lifecycle.
• Convert business and technical requirements into secure architecture designs.
• Manage the application of security controls across systems and applications.
• Protect systems and applications from current and emerging threats.
• Define and enforce secure configuration and hardening standards.
• Oversee the full lifecycle of cryptographic keys.
• Develop and maintain policies and procedures for key management.
• Ensure cryptographic practices comply with applicable standards and regulations.
• Secure cloud and hosting environments through appropriate controls and governance.
• Apply cloud security best practices and manage related safeguards.
• Perform recurring security assessments of cloud environments.
• Ensure alignment with NCA requirements and other applicable cybersecurity regulations and standards.
• Track regulatory updates and revise policies and controls as needed.
• Lead periodic compliance checks and audit activities.
• Continuously improve cybersecurity architecture, policies, and operational practices.
• Stay current on new cybersecurity trends, technologies, and methods.
• Drive initiatives that strengthen the overall security posture.
• Coordinate closely with the CISO to support organizational cybersecurity goals.
• Prepare and share regular updates on architecture and engineering activities.
• Collaborate with other cybersecurity teams to improve overall security maturity.

Stakeholder Engagement

Internal stakeholders include the NHC Cybersecurity Department, the Cybersecurity Director (CISO), the IT Department, and business units/system owners. External engagement includes regulatory bodies such as NCA, as well as vendors, technology partners, and government or industry forums.

Education and Experience

A bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline is required. An MBA is preferred. The role calls for more than 6 years of relevant experience in cybersecurity architecture and engineering, including security principles, methodologies, architectural models, cloud and hosting security, secure configuration management, technical requirements translation, and cryptographic key management systems. Strong familiarity with NCA standards, the SABSA framework, and other security frameworks is expected.

Preferred Certifications

Preferred credentials include CISSP, with ISSAP preferred, CISM, GCAD, CCSP, SSCP, and SABSA Chartered Practitioner (SCP).