Job Description
Security Architecture & Design
- Define and maintain enterprise security architecture standards and reference architectures.
- Design secure solutions across on-prem and cloud infrastructure, SaaS and custom applications, identity, access, and privileged access, data protection and encryption.
Risk & Compliance Alignment
- Translate regulatory and contractual requirements into technical controls, including ISO/IEC 27001
- Support audits and assessments by reviewing architecture evidence, ensuring controls are implemented as designed.
- Partner with GRC teams on risk acceptance, control gaps, and remediation strategies.
Security Control Governance
- Define minimum security baselines for: endpoints and servers, virtual machines and containers, cloud workloads and platforms.
- Review and approve architecture diagrams, solution designs, third-party integrations.
- Participate in security design reviews.
- Review software packages for vulnerabilities and cybersecurity compliance.
Cloud & Platform Security
- Architect secure usage of public cloud (IaaS, PaaS), SaaS platforms and low-code tools.
- Define guardrails for: network segmentation, logging and monitoring, identity federation and conditional access.
- Ensure shared-responsibility boundaries are understood and enforced.
Collaboration & Advisory Role
- Act as a consultative partner to engineering and application teams, infrastructure and cloud teams, and procurement and vendor management.
- Provide architectural guidance early in project lifecycles to avoid rework.
- Mentor junior architects and security engineers.
Documentation & Communication
- Produce and maintain architecture standards and patterns, reference diagrams, security decision records.
- Communicate complex security concepts clearly to technical and non-technical audiences.
Required Qualifications
- Bachelor's degree in computer science, Information Security, or related field (or equivalent experience).
- 7+ years of experience in cybersecurity engineering, architecture, or infrastructure roles.
- Strong understanding of network, endpoint, cloud security, identity and access management, security monitoring and incident response concepts.
- Experience operating in regulated environments
Skills: architecture,cloud,infrastructure,cybersecurity,security
