Logo for PFH Technology Group

Cyber Security Architect

Role overview

Qualifications

  • Significant current, hands-on experience in security architecture, cyber security engineering or solution architecture
  • Demonstrable recent experience reviewing and advising on security architecture for complex digital, cloud or integration-heavy solutions
  • Strong working knowledge of NIS2, ISO 27001, NIST CSF and GDPR
  • Experience with cloud and hybrid security architecture (Azure and/or AWS)

Responsibilities

  • Review proposed architectures, designs and supplier solutions across assigned programmes
  • Conduct threat modelling, vulnerability analysis and technical risk assessments
  • Support secure procurement activities across assigned programmes
  • Maintain accurate security architecture documentation and contribute to remediation plans

About the company

PFH Technology Group logo

PFH Technology Group

Information Technology & Services

PFH Technology Group, a Ricoh Company, is Ireland's largest ICT services and solutions provider with 800+ employees (600+ technical). We deliver innovative, end-to-end technology solutions to businesses across public and private sectors. With a nationwide presence and a reputation for excellence, PFH specialises in IT infrastructure, cloud services, cybersecurity, managed services, and workplace transformation. As a trusted partner, PFH combines technical expertise with cutting-edge technologies to empower organisations, driving digital transformation and business success. And as part of the Ricoh global family, PFH leverages Ricoh's international resources, while maintaining its commitment to local expertise and customer-centric service.

Company details

Company typeSME
IndustryInformation Technology & Services
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Cyber Security Architect


PFH Technology Group are currently recruiting for a Cyber Security Architect to work with our client.


Role Overview


The Cyber Security Architect will work alongside senior architecture colleagues to provide security architecture review, threat modelling and assurance input across multiple national and large-scale and other complex digital health and infrastructure initiatives.


This is a generalist, delivery-facing role. Rather than being aligned to a single programme, the post holder will flex across a portfolio of active programmes as priorities require, reviewing architecture and design artefacts, conducting threat modelling and risk assessments, and providing practical, proportionate security guidance to programme architects, delivery teams and suppliers. The role operates in support of, and under the direction of, the Security Architecture Lead within the team.


The role requires current, hands-on security architecture experience. The post holder will spend the majority of their time on technical review and design validation work across programmes, rather than leading programme-level governance forums.


The CISO Security Architecture Team provides independent security architecture assurance across a portfolio of national digital health programmes and large-scale technology projects. Current and forthcoming programmes drawing on the team include:


National Shared Care Record (NSCR) – integrated access to healthcare information
App – citizen-facing digital health services.
Other large-scale, complex digital health, cloud and infrastructure programmes
Supporting a Secure Procurement process.


The team acts as an independent security assurance function, maintaining separation of concerns from programme-embedded enterprise architecture roles, and supports the clients obligations under NIS2, GDPR, the Cyber Resilience Act (CRA) and related regulatory frameworks.


Key Responsibilities


Architecture Review & Design Input


Review proposed architectures, designs and supplier solutions across assigned programmes to confirm that security requirements, risks and controls are appropriately addressed.


Conduct structured security architecture reviews of solution designs, integrations and architectural artefacts, providing written and verbal findings.


Produce clear, practical security architecture recommendations to support secure design and implementation decisions.


Support the development of secure high-level and low-level designs for applications, cloud services, infrastructure, integrations and identity-related solutions.


Risk & Threat Analysis


Conduct threat modelling, vulnerability analysis and technical risk assessments across programme systems, supplier dependencies and integrations.


Identify security risks, design weaknesses and control gaps, and recommend proportionate mitigation measures.


Monitor the relevant threat landscape and advise on actions required to maintain a defensible security posture.


Support CISO Governance, Risk and Controls teams as a technical SME as required.


Secure Procurement & Assurance


Support secure procurement activities across assigned programmes, including development of security requirements and evaluation criteria for tenders.


Provide SME input into Procurement Evaluation Groups (PEGs) and technical evaluation panels.


Support Request for Specific Approval (RSA) reviews and formal responses where required.


Define and review penetration testing scopes, liaise with vendors, and analyse results.
Standards, Patterns & Compliance


Contribute to and maintain security architecture standards, design principles, reference patterns and supporting guidance for use across programmes.


Support compliance with the NIS2 Directive, Cyber Resilience Act (CRA), GDPR, Data Protection Act 2018, ISO 27001, NIST CSF and HSE cyber security policy.


Stakeholder Engagement


Work closely with programme architects, delivery teams, Information Asset Owners and suppliers to embed security into design and delivery.


Explain technical security findings clearly to both technical and non-technical stakeholders.


Contribute security findings and recommendations to programme governance forums and design authorities as required, in a supporting and assurance capacity.


Work collaboratively with senior colleagues within the Security Architecture Team, escalating material risks and design concerns as appropriate.


Documentation & Continuous Improvement


Maintain accurate security architecture documentation, review records and risk registers.


Support internal and external audits by providing evidence and contributing to remediation plans.


Contribute to continuous improvement of security architecture standards and assurance methods across the team.
 
Required Skills and Experience


Significant current, hands-on experience in security architecture, cyber security engineering or solution architecture (not solely GRC or assurance oversight).


Demonstrable recent experience reviewing and advising on security architecture for complex digital, cloud or integration-heavy solutions.


Experience producing technical security artefacts: threat models, risk assessments, design reviews, architecture patterns.


Strong working knowledge of NIS2, ISO 27001, NIST CSF and GDPR (or equivalent regulatory frameworks).


Experience with cloud and hybrid security architecture (Azure and/or AWS), identity and access management, and network security design.


Ability to work across multiple concurrent programmes and re-prioritise as demands change.
Strong written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.


Desirable Skills, Experience and Qualifications


Experience in security architecture or assurance for healthcare, digital health or other critical national infrastructure programmes.


Familiarity with health interoperability standards: HL7 FHIR, HL7 v2, IHE profiles, openEHR.


Experience embedding security into DevSecOps and secure-by-design software delivery pipelines.


Practical experience with relevant tooling: threat modelling tools (e.g. Microsoft Threat Modeling Tool, OWASP Threat Dragon), vulnerability scanning (e.g. Nessus), SIEM platforms, Azure AD/Entra ID, ServiceNow GRC, Visio or equivalent.
Relevant professional certification (e.g. CISSP, CISM, SABSA, TOGAF, CCSP, AZ-305) advantageous.


Experience in the Irish healthcare or public sector environment.
 
PFH Technology, owned by Ricoh – a Japanese based global ICT company, is a premier provider of end-to-end ICT solutions and a managed services portfolio scaling from SMEs to large Enterprise organisations. We have unrivalled vendor relationships. We can procure, design, deploy and support all your ICT needs. Our ISO certified Custodian™ Cloud Services and Custodian™ Managed Services provide the technology and expertise to mitigate risk and reduce your costs immediately. We have a nationwide network of over 750 dedicated professionals, ready to meet your ICT needs, with offices in Dublin, Cork and Galway.

We are an equal opportunity employer and value diversity at PFH. We do not discriminate on the basis of age, disability, civil or family status, gender, gender identity or expression, sexual orientation, race, religion, or any other legally protected status.
We are committed to ensuring that individuals with disabilities or access needs are provided with reasonable accommodation during the recruitment process, to perform essential job functions, and to access the full benefits of employment. Please contact us if you require accommodation at any stage

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Architect Related jobs

Other jobs at PFH Technology Group

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.