Mandatory experince - 12-15 yearsPurpose of the RoleYum! Brands is seeking a skilled and highly collaborative Staff Security Architect (EMEA) to support our Global Cybersecurity Architecture team. This Staff-level role is responsible for defining and implementing secure, scalable, and standardized architecture across Yum!’s global enterprise, while providing region-aligned security architecture leadership for EMEA initiatives and delivery teams.In this role, you will lead security architecture engagements for priority programs, partner with engineering and product stakeholders across EMEA time zones and embed secure-by-design practices early in the solution lifecycle—balancing business agility with risk mitigation and regulatory expectations. ResponsibilitiesSecurity Architecture & DesignLead design of secure architectures for cloud-native, hybrid, and on-premises platforms supporting EMEA delivery teams.Define reusable security patterns and standardized controls aligned to global reference architectures, with EMEA-specific implementation guidance where needed.Facilitate architecture reviews, threat modeling sessions, and technical risk assessments across distributed teams.Cloud Security & DevSecOpsChampion secure practices and guardrails in AWS, Azure, and GCP environments; guide integration of security into CI/CD pipelines (SAST, DAST, IaC scanning, etc.).Provide leadership in secure containerization, workload protection, and secrets management patterns suited for globally standardized platforms.Identity & Access Management / Zero TrustDrive adoption of Zero Trust principles and modern IAM practices, partnering on SSO, MFA, RBAC, and PAM controls.Data & Network SecurityLead architecture efforts for data protection strategies (classification, encryption, tokenization) and guide secure network design and segmentation.Support implementation of detection and monitoring capabilities (SIEM, XDR, etc.).Risk Management & Compliance Alignment (EMEA lens)Partner with GRC and legal stakeholders to align architecture with regulatory and risk frameworks (including PCI, SOX, GDPR) and recommend mitigations aligned to business risk.Incorporate EMEA-relevant regulatory/security frameworks into solution design and documentation, such as:EU GDPR / UK GDPR (privacy-by-design, cross-border transfers, data minimization)NIS2 (where applicable for critical entities and supply chain risk)DORA (where applicable for ICT risk management expectations in financial contexts)ISO/IEC 27001/27002, NIST 800-53 / 800-207, CIS Controls, and cloud control frameworks such as CSA CCM (as relevant)Strategic Initiatives & Operating Model Drive security architecture roadmap initiatives and represent security architecture in enterprise forums with strong written artifacts and asynchronous collaboration.Mentor engineers and junior architects through patterns, reference architectures, and repeatable guardrails. Minimum Requirements:BE / BTECH with degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience.12-15 years in security architecture, cloud security, or enterprise security engineering roles; experience leading complex projects or architecture workstreams.Hands-on expertise with AWS/Azure/GCP security capabilities; strong grasp of IAM, Zero Trust, data protection, and cloud-native security tooling.Familiarity with security frameworks and architectural methodologies (NIST 800-53/207, ISO 27001, TOGAF, SABSA) and ability to apply them pragmatically across distributed teams.Strong written and verbal communication skills; ability to influence technical and non-technical stakeholders across time zones.Preferred RequirementsCertifications such as CISSP, CISM, CCSP, cloud security specialties, TOGAF, or SABSA.Experience in regulated environments (PCI, SOX, GDPR, HIPAA) and practical experience implementing privacy-by-design controls.Strong DevSecOps and modern SDLC practices in Agile environments.
Job Title
Security Architect (EMEA)