Job Description

The Company

Gentrack provides leading utilities across the world with innovative solutions. The global pace of change is accelerating, and utilities need to rebuild for a more sustainable future. Working with some of the world’s biggest energy and water companies, as well as innovative challenger brands, we are helping companies reshape what it means to be a utilities business. We are driven by our passion to create positive impact. That is why utilities rely on us to drive innovation, deliver great customer experiences, and secure profits. Together, we are renewing utilities.

Our Values and Culture

Colleagues at Gentrack are one big team, working together to drive efficiency in two of the planet’s most precious resources, energy, and water. We are passionate people who want to drive change through technology and believe in making a difference. Our values drive decisions and how we interact and communicate with customers, partners, shareholders, and each other. Our core values are:

• Respect for the planet
• Respect for our customers and
• Respect for each other

Gentrackers are a group of smart thinkers and dedicated doers. We are a diverse team who love our work and the people we work with and who collaborate and inspire each other to deliver creative solutions that make our customers successful. We are a team that shares knowledge, asks questions, raises the bar, and are expert advisers. At Gentrack we care about doing honest business that is good for not just customers but families, communities, and ultimately the planet. Gentrackers continuously look for a better way and drive quality into everything they do.

This is a truly exciting time to join Gentrack with a clear growth strategy and a world class leadership team working to fulfil Gentrack’s global aspirations by having the most talented people, an inspiring culture, and a technology first, people centric business.

The Opportunity

The Security Architect plays a key role in Gentrack’s global Information Security team, with a primary focus on embedding security architecture, DevSecOps, and technical assurance across our environments.

Reporting directly to the Group CISO, the role will act as the senior security architecture specialist within the Information Security team, providing expert guidance on the secure design of systems, cloud platforms, and development practices. The Security Architect will contribute to strategic security architecture discussions and support the CISO in shaping Gentrack’s overall security architecture direction.

As part of a small, high-trust team, the Security Architect will operate with a high degree of independence, working closely with Product, Delivery, Platform, ICT, and Privacy teams to embed security by design into the way Gentrack operates.

This position offers the opportunity to play a critical role in delivering security architecture in a global SaaS organization, ensuring security principles and practical controls are consistently applied across Gentrack’s corporate, platform, and product environments.

Key Responsibilities

Security Architecture & DevSecOps

• Maintain and apply Gentrack’s security architecture principles, reference patterns, and design guidance across corporate IT, SaaS platforms, AI-enabled services, and product environments.
• Work closely with Product, Delivery, and Platform teams to embed security thinking early in solution design and engineering processes, helping teams incorporate secure design practices into their architectures and delivery pipelines.
• Drive the adoption of DevSecOps practices across Delivery and Product teams, using a phased approach that combines documented process improvements with technical implementation. Candidates must have prior experience designing and implementing DevSecOps security controls and pipelines in SaaS or cloud environments, not just theoretical knowledge.
• Promote and support secure software development by guiding Delivery and Product teams on best practices, ensuring consistent use of tools such as Checkmarx (SAST) alongside broader secure SDLC practices.
• Develop security architecture designs and provide security input into high- and low-level solution designs (HLD/LLD) produced by Product, Platform, and ICT teams.
• Act as the security architecture lead during design reviews, providing guidance and security input into Product, Platform, and customer solution architectures to ensure alignment with Gentrack’s security principles and risk posture.
• Lead security design discussions for identity and access management, with particular focus on Entra ID (corporate identity) and AWS Identity Centre (product environments).
• Provide architectural design and implementation support across core security tooling and controls, including Microsoft Intune, Privileged Access Management (PAM), Netskope (SWG/DLP/Zero Trust), and CrowdStrike (EPP, MDR, CNAPP), ensuring these are deployed and operated in line with Gentrack’s security and compliance objectives.

Cloud & Infrastructure

• Act as SME for AWS security, with a focus on IAM, workload protection, encryption, and security monitoring.
• Guide the adoption and effective use of CrowdStrike CNAPP across Platform, Delivery, and Product teams, enabling visibility, vulnerability management, and compliance across all environments.
• Review and support network security architecture, including AWS designs and on-premises controls (e.g., Fortinet firewalls, segmentation, and secure connectivity).
• Demonstrated ability to implement cloud-native security controls (IAM, logging/monitoring, encryption) rather than purely advisory roles.

AI & Emerging Technology

• Provide security input on the adoption and deployment of AI tools and services within Gentrack.
• Ensure AI PoCs and deployments align to Gentrack’s Responsible AI Use Policy and security guardrails.
• Evaluate risks of integrating AI with existing platforms (e.g., Confluence, SharePoint, Jira), ensuring sensitive data is protected.

Governance & Compliance Support

• Provide technical input to governance, risk, and compliance activities where architecture expertise is required (e.g., ISO 27001, ISO 27701, SOC 2, and regional regulatory assessments).
• Support responses to customer security questionnaires, RFIs/RFPs, and audits. Representing Gentrack’s control posture and coordinating evidence.
• Perform vendor/third-party security reviews in line with Gentrack’s vendor and software assessment processes.
• Maintain architecture and technical assurance evidence where required (e.g., in the Hyperproof GRC platform) and contribute to updates of the security risk register.

Operations & Incident Support

• Provide architectural guidance during major security incidents, supporting investigation, root cause analysis, and long-term remediation improvements.
• Provide technical input into incident response workflows alongside MDR providers, ICT, and Platform teams.
• Support reporting and evidence collection for the Information Security Steering Committee (ISSC) and Audit and Risk Committee (ARC) where architecture or tooling insights are required.

Mentoring & Collaboration

• Mentor junior team members (e.g., Security Engineer) to build technical maturity and capability within InfoSec.
• Work collaboratively with stakeholders across geographies (NZ, AU, UK, India) to deliver practical, usable security.

Key Attributes

• Pragmatic and hands-on, equally comfortable advising on architecture and configuring technical controls.
• Strong ability to influence engineering teams through collaboration and technical credibility, embedding security into designs without creating unnecessary friction.
• Comfortably operating independently in a global organization, while maintaining close alignment with the CISO and overall security strategy.
• Experienced in highly regulated industries (utilities, financial services, telecoms, or similar).
• Advanced knowledge of secure SDLC and DevSecOps practices.
• Collaborative and approachable, able to explain security requirements to technical and non-technical audiences.
• Brings international experience from global organizations and is able to work effectively across cultures and geographies.
• Professional curiosity and awareness of emerging threats, tools, and industry practices.
• Clear communicator able to balance technical depth with practical delivery.

Total Experience 10-14 years

Qualifications & Experience

• Bachelor’s degree or equivalent in Information Security, Computer Science, or related discipline.
• 8–10 years total experience in information security, cloud security, or related technical roles.
• 5+ years’ operating specifically in a security architecture or senior security engineering role, including reviewing solution designs and producing architecture artefacts.
• Demonstrated experience producing architecture artefacts such as security patterns, reference architectures, threat models, and architecture review documentation.
• Proven experience designing and implementing DevSecOps security practices in SaaS or cloud environments.
• Strong experience with AWS cloud security architecture.
• Experience with enterprise security tooling (EPP/MDR, SWG/DLP/ZTNA, MDM/MAM, email security, PAM, IAM).
• Experience securing ML pipelines, protection of training data, and emerging risks such as prompt injection or model leakage.
• Maintain and apply Gentrack’s security architecture principles, reference patterns, and design guidance across corporate IT, SaaS platforms, AI-enabled services, and product environments.
• Prior involvement in customer security reviews and vendor risk assessments.
• Required/Preferred certifications aligned to security architecture paths (e.g., CISSP, CCSP, AWS Security Specialty).
• Desirable: CISSP-ISSAP, SABSA, TOGAF exposure, GIAC cloud security certifications.

Why this role matters

This is an opportunity to strengthen security architecture in a growing SaaS organisation where trust, compliance, and customer assurance are central to success.

The Security Architect will directly influence how Gentrack integrates security into its products, platforms, and operations — from DevSecOps pipelines and cloud architecture to emerging technologies such as AI.

The role provides a clear progression path into a Senior Security Architect position, expanding scope into enterprise-wide architecture leadership while continuing to work closely with the CISO on strategic security decisions.

What we offer in return:

• Personal growth in leadership, commercial acumen and technical excellence.
• To be part of a global, high growth organization.
• A vibrant, culture of people passionate about transformation and making a difference.
• A competitive reward package that truly awards our top talent.
• A chance to make a true impact on society and the planet.

Gentrack want to work with the best people, no matter their background. So, if you are passionate about learning new things and keen to join the mission, you will fit right in.