Enterprise Cyber Security Architect

At Volvo Cars, we’re on a journey to shape the future of mobility - safe, sustainable, and powered by technology that earns trust. As an Enterprise Security Architect, you play a key role in making sure cybersecurity is seamlessly embedded into how we design and evolve our enterprise architecture.

This isn’t an operational security role. Instead, you partner across the organisation to ensure our architecture, standards, and ways of working reflect strong, forward‑looking cybersecurity thinking from the start. You help us build secure foundations, so teams can innovate with confidence.

Build cybersecurity into our enterprise architecture

• Define and maintain enterprise architecture principles and standards grounded in Volvo Cars’ Minimum Cyber Security Requirements and secure development lifecycle expectations.
• Provide clear, actionable reference architectures and guardrails that guide secure and consistent solution design across domains.
• Identify cross‑domain dependencies and decisions that influence security, resilience, and long‑term maintainability.
• Support technology roadmaps to ensure our architecture choices align with business direction and create long‑term value.

Strengthen governance and decision‑making

• Integrate cybersecurity considerations into enterprise architecture governance and decision frameworks.
• Ensure architectural decisions are evaluated with a balanced view of risk, control coverage, long‑term cost, and delivery impact.
• Partner with cybersecurity governance and risk teams to keep regulatory and policy requirements reflected in our architecture standards.

Collaborate and influence across Volvo Cars

• Work closely with domain architects, product teams, platform teams, and cybersecurity specialists to build shared understanding of secure architecture expectations.
• Clarify responsibilities and expectations among internal teams and suppliers—especially where integration, shared platforms, or cross‑domain dependencies exist.
• Drive adoption of enterprise building blocks and approved patterns to reduce fragmentation and avoid recurring security gaps.

• Extensive experience in enterprise architecture within complex, multi‑domain environments.
• Proven ability to embed cybersecurity requirements into architecture standards, governance, and lifecycle processes, without taking on operational security ownership.
• Strong understanding of secure design principles, identity and access management, data protection, and platform security fundamentals.
• Ability to communicate clearly across both technical and business audiences, building alignment and trust.
• A structured approach to decision‑making, balancing risk, cost, constraints, and delivery realities.

• Cybersecurity requirements and secure development expectations are consistently visible in enterprise architecture standards and governance outcomes.
• Architecture decisions and exceptions are well‑documented, traceable, and aligned across domains.
• Security guardrails are effectively embedded into our tooling landscape (Signavio, LeanIX, ServiceNow).
• Reduced re‑work and fewer late‑stage security issues due to early, consistent architectural guidance.