Key Responsibilities
- Own the end-to-end PAM/PAW solution architecture for the assigned workstream.
- Define the target-state architecture, including integration with identity platforms, network systems, access controls, monitoring, and operational tooling.
- Assess current-state privileged access processes and identify gaps, risks, and required changes.
- Translate business, security, operational, and compliance requirements into a practical solution architecture.
- Work closely with security, network, infrastructure, operations, and application teams to ensure architectural alignment.
- Define architecture principles, design patterns, security controls, and implementation guardrails.
- Support decision-making around PAM tooling, PAW standards, access models, and integration approaches.
- Ensure the solution supports audit, regulatory, and governance requirements.
- Identify architectural risks, dependencies, and constraints, and propose mitigation options.
- Provide technical leadership to designers, engineers, PMs, BAs, and delivery teams.
- Produce and maintain key architecture artefacts, including high-level designs, architecture diagrams, options papers, and decision records.
- Present solution options, recommendations, and risks to senior stakeholders and governance boards.
- Ensure the solution is fit for transition into BAU operations.
Required Skills and Experience
- Strong experience as a Solution Architect in security, identity, network, or infrastructure programmes.
- Good understanding of Privileged Access Management concepts, including privileged accounts, session management, credential vaulting, least privilege, access approval workflows, and audit logging.
- Good understanding of Privileged Access Workstation concepts, including hardened workstations, admin tiers, secure access models, and separation of privileged and standard user activities.
- Experience working in complex enterprise or telecom environments.
- Strong understanding of network environments, operational support models, and security governance.
- Ability to convert complex security and operational requirements into practical solution designs.
- Experience working with senior stakeholders, architecture review boards, cyber security teams, and operations teams.
- Ability to take ownership, drive decisions, and remove ambiguity.
Desirable Skills
- Experience with PAM tools such as CyberArk, BeyondTrust, Delinea, or similar.
- Experience with Microsoft security technologies, Active Directory, Entra ID, conditional access, device hardening, or endpoint management.
- Experience in Solution Architecture, separation, migration, divestment, or integration programmes.
- Knowledge of telecom network operations and privileged access controls.
Expected Outcomes
- Approved PAM/PAW target architecture.
- Clear architecture decisions and design principles.
- Identified risks, dependencies, and mitigation plans.
- Architecture aligned with company security and operational standards.
- Solution ready for detailed design, delivery, and operational handover.