Insighture is a leading technology consultancy that drives digital transformation for businesses worldwide. With a team of over 85 expert consultants, the company delivers tailored, high-impact strategies and solutions, enabling scalable product engineering. As an AWS partner, Insighture excels in co-integrated cloud services. It has collaborated with more than 50 clients globally, guiding them through cloud adoption, DevOps transformation, enterprise modernisation, and more.
The team’s expertise spans Cloud-Native Development, Solutions Architecture, UI/UX, Quality Engineering, Data Engineering, AI/ML, and DevSecOps. These capabilities empower businesses to achieve impactful and innovative outcomes.
In 2024, Insighture achieved ISO certification and was recognised as a Great Place to Work, earning three prestigious awards: Best Workplace in Sri Lanka, Best Workplace for Technology, and Best Workplace for Young People. Insighture's technology and expertise are embedded in the work of internationally recognised care providers, global freight operations, child protection systems, and health tech platforms across Australia, the UK, and Singapore.
We are seeking an Enterprise Security Architect / GRC Consultant for a 6-month contract to join our growing team.
Qualifications:
- Bachelor’s degree in Information Security, Computer Science, or a related field
- 10+ years of experience in enterprise security and GRC, with strong exposure to security architecture and regulatory compliance frameworks
- Proven hands-on experience across Certificate Lifecycle Management, API Security, IAM, SOC/SIEM (Splunk)
Must Haves:
- Strong experience in Governance, Risk, and Compliance (GRC)
- Deep understanding of Australian regulatory frameworks such as SOCI and Essential Eight
- Experience working closely with CISO offices and senior security leadership
- Expertise across multiple security domains, including:
  - Certificate Lifecycle Management
  - API Security
  - Identity & Access Management (IAM)
  - SOC operations and Splunk
- Ability to define security roadmaps, rollout strategies, and implementation timelines
- Strong stakeholder management and consulting skills
Preferred:
- Experience assessing and onboarding third-party security products
- Background in enterprise security architecture within large organizations
- Industry security certifications (e.g., CISSP, CISM, CRISC, ISO 27001)
- Experience working in regulated industries
Role & Responsibilities:
- Collaborate directly with the CISO’s office to align security initiatives with enterprise strategy
- Define and drive GRC frameworks, policies, and security standards
- Ensure compliance with SOCI, Essential Eight, and other regulatory requirements
- Act as a trusted security advisor to senior leadership and business stakeholders
- Assess third-party security tools for technical fit, risk posture, and budget alignment
- Define strategic security rollout and implementation plans, including timelines and phases
- Work closely with business units, vendors, and partners to deliver compliant security solutions
- Provide clear security communication, reporting, and presentations to stakeholders