Security Architect

The Company

We are entering a new era, with utilities worldwide transforming to meet business and sustainability targets. For over 35 years Gentrack has been partnering with the world's leading utilities, and more than 60 energy and water companies rely on us. Gentrack, with our partners Salesforce and AWS, are leading today's transformation with g2.0, an end-to-end product-to-profit solution. Using low code / no code, and composable technology, g2.0 allows utilities to launch new propositions in days, reduce cost-to-serve and lead in total experience.

Our Values and Culture 

Colleagues at Gentrack are one big team, working together to drive efficiency in two of the planet's most precious resources, energy, and water. We are passionate people who want to drive change through technology and believe in making a difference. Our values drive decisions and how we interact and communicate with customers, partners, shareholders, and each other. Our core values are:

• Respect for the planet
• Respect for our customers and
• Respect for each other

Gentrackers are a group of smart thinkers and dedicated doers.  We are a diverse team who love our work and the people we work with and who collaborate and inspire each other to deliver creative solutions that make our customers successful. We are a team that shares knowledge, asks questions, raises the bar, and are expert advisers. At Gentrack we care about doing honest business that is good for not just customers but families, communities, and ultimately the planet. Gentrackers continuously look for a better way and drive quality into everything they do.

This is a truly exciting time to join Gentrack with a clear growth strategy and a world class leadership team working to fulfil Gentrack's global aspirations by having the most talented people, an inspiring culture, and a technology first, people centric business.

The Opportunity

The Security Architect plays a key role in Gentrack's global Information Security team, with a primary focus on embedding security architecture, DevSecOps, and technical assurance across our environments. Reporting directly to the Group CISO, the role will deliver security architecture activities and contribute to governance, risk, and compliance where required.

As part of a small, high-trust team, the Security Architect will contribute to strategic decision-making but will also be expected to roll up their sleeves across technical, operational, and assurance activities, including incident management and customer security engagements.

This position offers the opportunity to play a critical role in delivering security architecture in a global SaaS organisation, working alongside Product, Delivery, Platform, ICT, and Privacy teams to embed security by design into the way Gentrack operates.

The Specifics

Security Architecture & DevSecOps

• Apply and develop Gentrack's security architecture principles consistently across corporate IT, SaaS, and product environments.
• Drive the adoption of DevSecOps practices across Delivery and Product teams, using a phased approach that combines documented process improvements with technical implementation. Candidate must have prior experience leading DevSecOps adoption in a SaaS or cloud environment (not just theoretical knowledge).
• Promote and support secure software development by guiding Delivery and Product teams on best practices, ensuring consistent use of tools such as Checkmarx (SAST) alongside other secure SDLC methods
• Develop high- and low-level designs (HLD/LLD) for security and ICT solutions, and act as security reviewer for Product, Platform, and customer solution architectures to ensure compliance with Gentrack's security standards.
• Lead security design reviews for identity and access management, with particular focus on Entra ID (corporate identity) and AWS Identity Centre (product environments).
• Provide architectural design and implementation support across core security tooling and controls, including Microsoft Intune (endpoint security and management), Privileged Access Management (PAM), Netskope (SWG/DLP/Zero Trust), and CrowdStrike (EPP, MDR, CNAPP), ensuring these are deployed and operated in line with Gentrack's security and compliance objectives.

Cloud & Infrastructure

• Act as SME for AWS security, with a focus on IAM, workload protection, encryption, and security monitoring.
• Guide the adoption and effective use of CrowdStrike CNAPP across Platform, Delivery, and Product teams, enabling visibility, vulnerability management, and compliance across all environments.
• Review and support network security architecture, including AWS designs and on-premises controls (e.g., Fortinet firewalls, segmentation, and secure connectivity).
• Demonstrated ability to implement cloud-native security controls (IAM, logging/monitoring, encryption) rather than purely advisory roles.

AI & Emerging Technology

• Provide security input on the adoption and deployment of AI tools and services within Gentrack.
• Ensure AI PoCs and deployments align to Gentrack's Responsible AI Use Policy and security guardrails.
• Evaluate risks of integrating AI with existing platforms (e.g., Confluence, SharePoint, Jira), ensuring sensitive data is protected.

Governance & Compliance Support

• Support the governance, risk, and compliance function when required (e.g., ISO 27001, ISO 27701, SOC 2, and regional regulatory assessments).
• Respond to customer security questionnaires, RFIs/RFPs, and audits. Representing Gentrack's control posture and coordinating evidence.
• Perform vendor/third-party security reviews in line with Gentrack's vendor and software assessment processes.
• Maintain clear audit trails/evidence (e.g., in Hyperproof GRC platform) and update the security risk register as needed.

Operations & Incident Support

• Contribute to security incident management, including investigation, containment, and follow-up actions.
• Provide technical input into incident response workflows alongside MDR providers, ICT, and Platform teams.
• Support reporting and evidence collection for Information Security Steering Committee (ISSC) and Audit and Risk Committee (ARC) where architecture or tooling is involved.

Mentoring & Collaboration

• Mentor junior team members (e.g., Security Engineer) to build technical maturity and capability within InfoSec.
• Work collaboratively with stakeholders across geographies (NZ, AU, UK, India) to deliver practical, usable security.

Key Attributes

• Pragmatic and hands-on, equally comfortable advising on architecture and configuring tooling.
• Experienced in highly regulated industries (utilities, financial services, telecoms, or similar).
• Advanced knowledge of secure SDLC and DevSecOps (not just familiarity).
• Collaborative and approachable, able to explain security requirements to technical and non-technical audiences.
• Brings international experience from global organisations and is able to work across cultures and geographies.
• Professional curiosity, keeps up to date with emerging threats, tools, and practices.
• Provides technical input to strategic discussions.
• Clear communicator who can balance technical depth with practical delivery.

Qualifications & Experience

• Bachelor's degree or equivalent in Information Security, Computer Science, or a related discipline.
• 7+ years' experience in security architecture, engineering, or closely related roles.
• Proven experience delivering DevSecOps adoption.
• Strong experience with AWS cloud security.
• Experience with enterprise security tooling (EPP/MDR, SWG/DLP/ZTNA, MDM/MAM, email security, PAM, IAM).
• Prior involvement in customer security reviews and vendor risk assessments.
• Required/Preferred: Current certifications aligned to the security architecture path (e.g., CISSP, CCSP, AWS Certified Security – Specialty, or equivalent).
• Desirable: OSCP, CISSP-ISSAP, GIAC Cloud Security Essentials (GCLD), GIAC Cloud Security Automation (GCSA), GIAC Defensible Security Architecture (GDSA).

Why This Role Matters

This is an opportunity to strengthen security architecture in a growing SaaS business where trust, compliance, and customer assurance are central to success. The Security Architect will directly shape how Gentrack integrates security into its products, platforms, and operations, from DevSecOps to cloud to AI adoption.

The role provides a clear progression path into a Senior Security Architect position, expanding scope into enterprise-wide architecture leadership, while continuing to work closely with the CISO on strategic decisions

What we offer in return:

• Personal growth – in leadership, commercial acumen and technical excellence
• To be part of a global, winning high growth organization – with a career path to match
• A vibrant, culture full of people passionate about transformation and making a difference -with a one team, collaborative ethos
• A competitive reward package that truly awards our top talent
• A chance to make a true impact on society and the planet

Gentrack want to work with the best people, no matter their background. So, if you are passionate about learning new things and keen to join the mission, you will fit right in.