Summary:
We are seeking an experienced and innovative Cybersecurity Architect to join our Enterprise Architecture team. This key role is responsible for designing and implementing secure architectures that protect the organization's critical systems, applications, and data across cloud, on-premises, and hybrid environments. The ideal candidate will have extensive expertise in cybersecurity principles, DevOps integration, and Software Development Life Cycle (SDLC) governance, and will serve as a thought leader in shaping the organization's security strategy.
As the Cybersecurity Architect, you will play a pivotal role in aligning security architecture with business objectives, leading risk management initiatives, and ensuring compliance with industry regulations and best practices. You will also drive the organization's security architecture vision, collaborate with cross-functional teams, and integrate security into every stage of the development and operations lifecycle.
Key Responsibilities:
Security Architecture Design:
- Design, develop, and implement comprehensive cybersecurity architectures across on-premises, cloud, and hybrid environments.
- Create security reference architectures for enterprise systems and lead technical projects to implement these designs.
- Ensure security requirements are embedded in the architecture of new and existing applications and infrastructure, aligning with both technical and business needs.
Strategic Security Leadership:
- Define and communicate the organization's cybersecurity architecture vision and roadmap, driving the overall cybersecurity strategy.
- Lead threat modeling, vulnerability assessments, and mitigation strategies to manage risk across the organization.
- Serve as a cybersecurity thought leader, advising senior leadership on emerging threats, regulatory changes, and advancements in security technologies.
DevOps and SDLC Integration:
- Collaborate with DevOps teams to integrate security throughout the CI/CD pipeline, ensuring automated and embedded security controls at all stages of software development.
- Define and enforce secure SDLC processes, ensuring alignment with compliance and governance frameworks.
- Lead the implementation of DevSecOps practices, embedding security testing, monitoring, and controls into the software development lifecycle.
Governance and Compliance:
- Ensure security architectures comply with industry standards (ISO 27001, NIST, GDPR, HIPAA, etc.) and internal security policies.
- Develop and implement security policies, standards, and procedures that align with regulatory requirements and industry best practices.
- Oversee security audits, assessments, and reviews to ensure that security controls are effective and compliant.
Collaboration and Communication:
- Act as the primary liaison between the cybersecurity team and other IT, development, and business units to ensure alignment on security requirements and strategies.
- Communicate complex security concepts to both technical and non-technical stakeholders, ensuring a shared understanding of security risks and solutions.
- Lead cross-functional teams in security-related projects, providing architectural guidance and leadership.
Security Technology Evaluation:
- Evaluate and recommend new security technologies and solutions to strengthen the organization's security posture.
- Stay informed of the latest cybersecurity trends, technologies, and emerging threats to ensure resilience.
- Lead proof-of-concept initiatives and pilot programs to assess the feasibility of new security solutions.
Desired Experience and Skills:
- 10+ years of experience in cybersecurity, including at least 3 years in an architecture or leadership role.
- Deep understanding of security frameworks and standards (e.g., SOC2, NIST, ISO 27001) with hands-on experience in cloud and network security.
- Expertise in integrating security into DevOps workflows and SDLC processes.
- Understanding and experience designing and implementing zero trust architecture principles.
- Proven experience designing and implementing security architectures for large-scale enterprise environments.
- Strong understanding of regulatory compliance requirements (ISO 27001, NIST, GDPR, HIPAA).
- Excellent leadership, communication, and problem-solving skills with the ability to convey complex security concepts to diverse audiences.
- Experience with cloud platforms and services such as AWS, Azure, or Google Cloud.
- Knowledge of container security, microservices architecture, and serverless environments.
- Familiarity with security automation tools, SIEM, IDS/IPS, and security orchestration solutions.
- Experience in leading incident response and forensic investigations.
Education / Certifications:
- Bachelor's or master's degree in Information Technology, Computer Science, or a related field, or equivalent experience.
- Professional certifications such as CISSP, CISM, TOGAF, SABSA, or equivalent.
Compensation and Benefits:
The salary range for this role is $148,000 - $222,000 and is based on experience and qualifications.
Certain roles are eligible for annual bonus and may include equity. These awards are allocated based on company and individual performance.
We offer employees access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, life insurance, wellbeing benefits, and paid time off, among others. Employees accrue up to 120 hours in their first year. Your accrual rate increases after your first year. We also offer 6 paid holidays.