Security Architect | Manager to Senior Manager | HCMC Office

About the Role

EY is seeking an experienced Security Architect to join our Cybersecurity Consulting practice in Vietnam. The successful candidate will lead the design and implementation of modern security architectures for enterprise clients, with a strong emphasis on Cloud Security, Zero Trust Architecture (ZTA), Identity and Access Management (IAM), and emerging AI-enabled security technologies.

This role requires a combination of strategic advisory capabilities, deep technical expertise, stakeholder management, and project delivery leadership. The Security Architect will work closely with C-level executives, security leaders, cloud engineering teams, and risk professionals to define and implement security strategies aligned with business objectives and regulatory requirements.

Key Responsibilities

Security Architecture & Strategy

• Lead the development of enterprise security architectures aligned with business and technology strategies.
• Design and implement security reference architectures covering cloud, hybrid, and multi-cloud environments.
• Define security roadmaps, target-state architectures, and transformation programs.
• Conduct architecture reviews and security design assessments for critical systems and platforms.
• Advise clients on cybersecurity governance, operating models, and security-by-design practices.

Cloud Security

• Design secure architectures for cloud platforms including: Azure, AWS, GCP
• Develop cloud security frameworks, landing zones, and guardrails.
• Architect cloud-native security controls: Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Container Security, Kubernetes Security, Secrets Management, DevSecOps
• Conduct cloud security assessments and architecture reviews.

Zero Trust Architecture

• Lead Zero Trust transformation initiatives based on industry frameworks such as NIST 800-207.
• Identity-centric security architectures, continuous authentication and authorization models
• Micro-segmentation strategies, device trust and posture validation
• Secure access service edge (SASE/SSE), software-defined perimeters
• Develop Zero Trust maturity models and implementation roadmaps.

Identity & Access Management

• Architect enterprise IAM solutions: Workforce Identity, Customer Identity (CIAM), Privileged Access Management (PAM), Identity Governance and Administration (IGA)
• Design authentication and federation architectures: SAML, OAuth 2.0, OpenID Connect, FIDO2 / Passkeys
• Implement modern identity security controls: Adaptive authentication, Risk-based access control, Privileged session management, Just-in-time access, Identity threat detection and response (ITDR)

Security Consulting & Advisory

• Lead cybersecurity transformation engagements for large enterprises.
• Provide executive-level presentations and recommendations to senior stakeholders.
• Support cybersecurity strategy, regulatory compliance, and risk management initiatives.
• Contribute to proposals, solution development, and business growth activities.

Team Leadership

• Lead and mentor cybersecurity consultants and architects.
• Review solution designs and project deliverables.
• Drive knowledge sharing and capability development across the cybersecurity practice.
• Support recruitment and development of cybersecurity talent.

Qualifications & Skills

Bachelor's degree or higher in Computer Science, Information Security, Engineering, or related discipline.

Manager

• 8+ years of cybersecurity experience.
• 3+ years in security architecture, cloud security, or IAM leadership roles.

Senior Manager

• 12+ years of cybersecurity experience.
• 5+ years leading enterprise security transformation programs.

Technical Expertise

Cloud Security

• Strong experience with Azure, AWS, and/or GCP security architectures.
• Knowledge of cloud-native security services and cloud governance frameworks.

Zero Trust

• Practical experience designing and implementing Zero Trust architectures.
• Deep understanding of: Identity-centric security, Network segmentation, Continuous verification, Security telemetry and monitoring

Identity Security

• Strong knowledge of: IAM, IGA, PAM, CIAM
• Experience with Microsoft Entra ID, Okta, Ping Identity, CyberArk, SailPoint, Saviynt

Security Architecture

• Security frameworks: NIST CSF, NIST 800-207, SABSA, TOGAF, CIS Controls
• Security domains: Application Security, Network Security, Data Protection, Security Operations, Threat Modeling

Consulting Skills

• Executive stakeholder management.
• Strong communication and presentation skills.
• Experience leading workshops and architecture reviews.
• Proposal development and business development experience.

Preferred Certifications

• CISSP, CCSP, CISM, SABSA, TOGAF
• Microsoft Cybersecurity Architect Expert (SC-100)
• Microsoft Identity and Access Administrator (SC-300)
• AWS Security Specialty
• Google Professional Cloud Security Engineer
• CyberArk Defender/Sentry Certifications
• SailPoint Certifications

What We Look For

• Strong leadership and consulting mindset.
• Ability to translate business objectives into security architectures.
• Passion for cloud security, identity security, and Zero Trust transformation.
• Experience working with large enterprise and multinational clients.
• Ability to operate effectively in a fast-paced consulting environment.

What We Offer
EY offers a competitive remuneration package commensurate with your work experience, where you will be rewarded for your individual and team performance. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Are you ready to shape your future with confidence? Apply today.

EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.