Security Architecture Lead

Our Team:

Our Security Architecture team, reporting directly to the CISO alongside the Security Operations & SOC and Governance, Risk, and Compliance teams, plays a pivotal role in designing and implementing robust security solutions across all digital domains. Under the leadership of the Security Architecture Lead, this team ensures our organization's technological infrastructure is secure, aligned with industry best practices, and effectively supports our cybersecurity strategy.

Main responsibilities:

The Security Architecture Lead will manage and oversee the key functions within the Security Architecture team, ensuring alignment with broader digital and cybersecurity teams. This managerial role focuses on guiding and supporting a team of 5 FTEs in the following key areas:

• Portfolio Optimisation & Functional Gaps:
  • Oversee the assessment of the efficacy of deployed security solutions against leading vendor solutions.
  • Manage the evaluation of the organization’s cybersecurity solution portfolio and remediating any functional gaps.
• Policies, Tech Standards & Security by Design:
  • Guide the team in collaborating with other departments (e.g., IT, enterprise risk, business owners, HR) to update and design policies and technology standards.
  • Ensuring the team provides security guidance and support to product development teams.
  • Oversee the regular review and update of security policies and the certification and accreditation process for new systems.
• Data Loss Prevention:
  • Manage the design, implementation, and management of data classification and loss prevention processes.
• Identity & Access Management:
  • Supervise the design, implementation, and management of procedures and workflows related to identity and access management, including general and privileged identity management.
• Technology Management:
  • Oversee the design, implementation, and management of cybersecurity solutions across all technology areas, including network, cloud, endpoint, applications, and data.
  • Direct the design and management of threat intelligence solutions and updating rules and controls in response to emerging threats.
  • Ensure the effective management of the cybersecurity data and systems lifecycle, including timely patching and upgrades.

About you

• Experience:
  • 10+ years of professional experience (equivalent combination of experience and education accepted)
  • In-depth knowledge of cybersecurity principles, practices, and technologies across digital domains (network, cloud, endpoint, applications, data).
  • Experience in policy and standards development, data loss prevention, identity and access management, and cybersecurity technology management.
  • Previous work in an international environment.
  • Proven track record of overseeing the design and implementation of security solutions aligned with organizational goals.
• Soft skills:
  • Proven digital leadership and people management, recruiting and development skills; ability to build, develop & lead a team to achieve assigned outcomes.
  • Leading teams through empowerment
  • Broad experience in working in large digital teams, with an understanding of how digital and business processes are linked.
  • Project management skills / experience in supporting transformations in digital is essential; the ability to work collaboratively within and across different digital and business teams to design and implement solutions with global impact.
  • Skilled problem solver and self-starter.
  • A hands-on pragmatic attitude to driving change.
  • Positive, "can-do" attitude.
• Technical skills:
  • High level of proficiency in the Microsoft tech stack and leveraging ecosystem synergies.
  • Experience with AGILE or similar project management frameworks.
  • Working knowledge of common information security management frameworks (ISO/IEC 27001, ITIL, NIST, NISD, CISSP/CCSP, QxP, CIS20).
• Education:
  • Bachelor’s and master’s degree (preferred) in any of the following fields of study: Information Technology, Computer Science, Cybersecurity or Information Security
• Languages:
  • English

Better is out there. Better medications, better outcomes, better science. But progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let’s be those people.

At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.

Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!