Organisational Context

Under the direct supervision of the Director of the Division of Judicial Services, the Information Management Services Section ensures that the Registry puts in place adequate Information Management (IM) services, for the benefit of all Organs and activities of the Court. The Information Management Services Section will also provide services to other Registry clients, including external parties relying on the policies and technology of the Court.

Information services consist of:

• Information management activities which include: developing policies and best practices for the management of (digital) documents, records and archives; library services and knowledge management, whether technology based or not.

• Information systems support including systems development, administration and integration. Technology services operations support, including end-user services, communications and networking technology, audio- visual technology.

• Information security activities, including developing policies and best practices, implementing information security standards and managing risk related to information, whether technology based or not.

The Information Management Services Section provides:

• Advice on best practices addressing the needs of its clients and the Court’s and Registry’s strategic objectives. Integrated solutions (i.e. systems, policies and processes) relying on industry best-practices on all aspects of information services related to capturing, storing, preserving, delivering, securing and managing information and communication.

• Leadership and dialogue with clients in relation to the innovation, awareness and adoption of new information practices, tools and technology-enabled processes and practices that will improve productivity, effectiveness, information sharing and availability.

• Strategic input and support for the implementation of a continuous change management process harnessing the use of information and technologies.

Duties and Responsibilities

Within the Information Management Services Section (IMSS), the Security Architect contributes to ensuring that the Court’s information systems, infrastructure, and digital services are designed, implemented, and operated in a secure, resilient, and compliant manner.

The role supports the Court’s mandate by providing expert security architecture guidance across cloud, infrastructure, applications, and data platforms, and by ensuring alignment with ICC policies, international standards, and best practices.

Under the supervision of the Enterprise and Solutions Architect, the incumbent will perform the following duties:

• Design and maintain end-to-end security architectures covering infrastructure, networks, cloud services, applications, and data platforms.

• Conduct security architecture reviews and threat modelling for new systems, major enhancements, and technology changes.

• Perform risk assessments related to technologies, suppliers, third-party integrations, and solution designs, and propose appropriate mitigation measures.

• Define and maintain secure configuration standards for public, private, hybrid, and sovereign cloud environments.

• Support the implementation of Zero Trust principles, including identity federation, encryption, network segmentation, and least-privilege access.

• Ensure cloud-native and containerised workloads comply with established security architecture principles and standards.

• Review and enhance directory services, identity and access management (IAM) platforms, and access governance frameworks.

• Evaluate, design, and provide architectural guidance on security technologies, including SIEM, SOAR, EDR/XDR, PAM, HSM, KMS, WAF, and related solutions.

• Provide expert advice on cryptography, digital certificates, and key management practices.

• Review solution designs, technical documentation, RFPs, and vendor proposals to ensure compliance with security requirements and policies.

• Mentor and guide engineering and delivery teams on secure-by-design and secure-by-default practices.

• Contribute to the development and maintenance of security policies, standards, and technical guidelines.

• Perform other duties as required, including reporting and support to audits and assurance activities.

Qualifications

Education

• Advanced university degree in computer science, information systems, information architecture, or a related field is required.

• A first-level university degree combined with additional qualifying experience may be accepted in lieu of the advanced degree.

Experience

• A minimum of five years (seven years with a first level university degree) years of progressively responsible experience in information security, security architecture, or related ICT roles is required.

• Demonstrated experience in designing and reviewing enterprise-scale security architectures across infrastructure, cloud, applications, and data.

• Proven experience conducting threat modelling, security risk assessments, and architecture reviews.

• Demonstrated experience working with identity and access management, access governance, and directory services.

• Demonstrated experience evaluating and integrating security platforms and tooling (e.g. SIEM, EDR/XDR, PAM, encryption technologies).

• Experience supporting cloud and hybrid environments, including containerised platforms, is desirable.

• Experience reviewing vendor proposals and procurement documentation from a security compliance perspective is desirable Certifications

Certifications (Desirable)

• Professional certification in information security or security architecture (e.g. CISSP, CISM, CCSP, SABSA, or equivalent).

• Certification or demonstrated experience in formal architecture frameworks (e.g. TOGAF or similar).

• Familiarity with IT service or security management frameworks (e.g. ITIL, COBIT, ISO 27001) is an asset

Knowledge of Languages

Fluency in either of the working languages of the Court, English or French, is required. Working knowledge of the other is desirable. Knowledge of another official language of the Court (Arabic, Chinese, Russian, Spanish) would be considered an asset.