Key Responsibilities
Enterprise Security Strategy & Architecture
- Define and maintain enterprise security strategy and architecture roadmap
- Develop domain architecture standards, patterns, and reference models
- Create current and future state security architecture documentation
- Align security architecture with enterprise IT and business strategy
Technical Leadership & Security Design
- Provide leadership across endpoint, network, cloud, and application security domains
- Design secure architecture solutions in collaboration with technical teams
- Evaluate and implement third-party security solutions and tools
- Guide architecture design for new products and enhancements
Governance & Risk Management
- Provide oversight across multiple security initiatives and programs
- Ensure compliance with security policies, SOC2, and regulatory requirements
- Participate in IT governance and risk decision-making processes
- Identify risks in IT investments and recommend mitigation strategies
Stakeholder Management & Communication
- Act as a bridge between technical teams, solution architects, and business leadership
- Communicate security risks, strategies, and decisions to global stakeholders
- Influence senior leadership and drive alignment on security decisions
- Support change management across enterprise security initiatives
Security Operations & Infrastructure Oversight
- Ensure implementation of secure infrastructure including firewalls, VPNs, and B2B controls
- Oversee identity and access management (e.g., Okta, PingFederate, ADFS)
- Support secure integration of cloud platforms (Azure PaaS/IaaS)
- Ensure adherence to encryption, certificate, and key management standards
Risk & Compliance Alignment
- Monitor evolving threat landscape and adapt security architecture accordingly
- Ensure compliance with enterprise security policies and industry standards
- Support regulatory and audit requirements (SOC2 and others)
- Recommend improvements to security controls and processes
Third-Party & Technology Evaluation
- Assess and recommend third-party security tools and platforms
- Analyze benefits and risks of new security technologies
- Provide input on enterprise security investments and architecture decisions
