Senior Enterprise Security Architect

The Qantas Group strives to have a strong cyber safety culture and capability with cyber managed as a business risk. This includes the implementation and sustainability of control measures to protect the confidentiality, integrity and availability of the IT Environment and the data and information contained within it.

The Senior Enterprise Security Architect is responsible for developing, governing and managing the Qantas Group Enterprise Security Architecture. This includes overseeing enterprise security requirements, IT principles, policies, standards, architecture reference models, and the security architecture framework.

In this role, the Senior Enterprise Security Architect is responsible for documenting the strategic plan to ensure the appropriate level of cyber protection for the group’s enterprise technology domain. You will provide subject matter expertise and consulting on projects and business activities at all levels of network, IT security and enterprise architecture as well as broader cyber security risk.

The Senior Enterprise Security Architect serves as trusted advisor and partner to the business and technology domains and is responsible for formulating and communicating the architectural standards, reference designs and best practices utilised by business and technology teams when implementing and maintaining digital technology.

This role reports into the Head of Group Cyber Architecture, Digital & Cloud, the Secure by Design cyber function comprising a diverse team of Senior ESA‘s and other SMEs within the Qantas Group Cyber team.

Your main responsibilities will include:

• Contribute to defining and championing the enterprise security architecture, relevant security standards, reference designs, procedures and frameworks in order to enhance effective security compliance throughout the business
• Engage externally with industry on IT security thought leadership to bring continuous security improvement and learning to Qantas
• Proactively monitor and utilise internally generated data and reporting to maintain understanding of current vulnerabilities, risk profile and threat landscape
• Assess and evaluate threat risk and support timely incident management through partnership with relevant teams, to minimise impact and reoccurrence of security breaches
• Evaluate and establish appropriate controls over 3rd party vendors to prevent unwanted vulnerabilities from emerging from relationships
• Support and provide technical expertise to audit and/or investigation processes to improve understanding of security event causes and mitigate against future events
• Provide leadership and coaching to promote a team environment oriented towards continuous improvement and risk management

You’ll have:

• 10 years of experience in leading and participating in cyber security (and/or information security/information technology) audits, assessments, remediation management, creating, leading, and managing cyber security risk assessment programs
• Degree desirable (e.g., Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management, Business/Commerce, Law including CISSP, CCNA, CCIE, CRISC, CSA, TOGAF, SABSA or other relevant industry certifications
• Familiarity with privacy laws, data protection/security regulations (such as PCI DSS), & frameworks such as NIST, ISO, COBIT & BITS ISO2700 series. 
• Experienced security architect, knowledgeable with enterprise security architecture and cyber security principles, standards and techniques, & experienced in security consulting to project &/or business teams. 
•  Experience in one or more of the following areas: Cloud Service offering and security control options for Cloud vendors (Azure, AWS, Google, IBM, etc), encryption, application security, database security, Artificial Intelligence, mobile applications. 
• Business/client service skills orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc is of value. 
• Strong influence & negotiation skills needed to obtain commitments in remediating risks & vulnerabilities from leadership of other teams & business units. 
• Possess a general understanding of underlying infrastructure architecture including internet, intranets, & communication protocols such as TCP, UDP, & IPSEC
• Excellent stakeholder management skills. 
• Excellent verbal and written communication, listening and facilitation skills. 
• Excellent time management & related organizational skills, including appropriate sense of urgency, a proactive approach, an ability to anticipate and manage project lifecycle events, issues and roadblocks. 
• Technical writing-comfortable writing reports for senior management 
• Experience with contract and vendor negotiations and contract/service level agreement reviews.

The Qantas employee benefits program offers amazing benefits that extend well beyond travel.  

• We love to travel: Enjoy heavily discounted air travel within Australia and across the globe, both for you and your family and friends, as well as exclusive deals on accommodation and holidays. 
• We have flexible leave options: Make use of leave and flexible working opportunities including 18 weeks paid parental leave and the option to purchase additional paid leave for eligible employees.  
• We’ll give you access to thousands of rewards: Through our partnerships we can offer you discounts across shopping, food and wine, insurance, health and wellbeing, leisure and entertainment. You can also take advantage of our salary packaging program including motor vehicles, eligible portable electronic devices and professional memberships.  
• We’ll support your wellbeing: Whether it’s learning to better support your own and others’ mental health, our interactive wellbeing app or your very own tailored nutrition plan.  

Qantas is an equal opportunity employer committed to providing a working environment that embraces and values diversity and inclusion. By coming to work for us, you’ll be part of an organisation that encourages diversity, supports charities and environmental initiatives. We encourage Aboriginal and Torres Strait Islander, and people of all backgrounds to apply. If you have any support or access requirements, we encourage you to advise us at time of application. Your personal information will be kept confidential in compliance with relevant privacy legislation. 

Be part of something special and play your part in the Qantas story – get in touch today! 

Applications close on the 8th of April 2025