We are looking for an experienced Cyber Security Architect (CISO Department) to join our Security Architecture team and help design, review, and guide the implementation of security controls across the organization.
The Cyber Security Architect will work closely with Security, IT, Engineering, Cloud, DevOps, Infrastructure, and business stakeholders to ensure that systems, applications, cloud services, SaaS platforms, and internal processes are designed and operated securely.
This role requires a strong combination of technical depth, risk-based thinking, practical security judgment, and the ability to translate security requirements into scalable architecture and actionable guidance.
Key Responsibilities:
Security Architecture & Risk Advisory
Design and review security architecture across enterprise systems, applications, cloud environments, SaaS platforms, infrastructure, and third-party integrations.
Define security requirements and assess architecture (including data flows, authentication models, network connectivity, APIs, and integrations) for new technologies, projects, and business initiatives.
Perform technical security reviews of systems, tools, vendors, and integrations, identifying gaps and providing practical, risk-based recommendations.
Clearly communicate security risks, business impact, and mitigation strategies to technical and non-technical stakeholders.
Act as a trusted security advisor to IT, Engineering, DevOps, Product, and business teams, balancing risk reduction with business enablement.
Identity, Access & Zero Trust
Define and improve identity and access control architecture across enterprise systems, cloud services, SaaS platforms, and internal applications.
Support implementation and improvement of controls such as SSO, MFA, conditional access, device posture, privileged access management, RBAC, and access governance.
Review authentication and authorization models for internal and external-facing applications.
Help drive Zero Trust initiatives across users, devices, applications, networks, and data.
Security Standards, Patterns & Governance
Contribute to policies and procedures related to data protection, AI usage, and secure development.
Document architecture decisions, exceptions, risks, compensating controls, and approved security patterns.
Support continuous improvement of security architecture processes, documentation, and intake workflows.
Partner with Governance, Risk & Compliance, Legal, Privacy, and Procurement teams as needed.
Security Operations & Detection Enablement
Ensure systems are designed with appropriate security logging, SIEM integration, and visibility requirements to support SOC monitoring and incident response.
Work with SOC, Detection Engineering, EDR/XDR, SIEM, and Incident Response teams to embed visibility and response requirements into architecture.
Support investigations and post-incident reviews when architecture improvements or control enhancements are required.
The Cyber Security Architect will work closely with Security, IT, Engineering, Cloud, DevOps, Infrastructure, and business stakeholders to ensure that systems, applications, cloud services, SaaS platforms, and internal processes are designed and operated securely.
This role requires a strong combination of technical depth, risk-based thinking, practical security judgment, and the ability to translate security requirements into scalable architecture and actionable guidance.
Key Responsibilities:
Security Architecture & Risk Advisory
Design and review security architecture across enterprise systems, applications, cloud environments, SaaS platforms, infrastructure, and third-party integrations.
Define security requirements and assess architecture (including data flows, authentication models, network connectivity, APIs, and integrations) for new technologies, projects, and business initiatives.
Perform technical security reviews of systems, tools, vendors, and integrations, identifying gaps and providing practical, risk-based recommendations.
Clearly communicate security risks, business impact, and mitigation strategies to technical and non-technical stakeholders.
Act as a trusted security advisor to IT, Engineering, DevOps, Product, and business teams, balancing risk reduction with business enablement.
Identity, Access & Zero Trust
Define and improve identity and access control architecture across enterprise systems, cloud services, SaaS platforms, and internal applications.
Support implementation and improvement of controls such as SSO, MFA, conditional access, device posture, privileged access management, RBAC, and access governance.
Review authentication and authorization models for internal and external-facing applications.
Help drive Zero Trust initiatives across users, devices, applications, networks, and data.
Security Standards, Patterns & Governance
Contribute to policies and procedures related to data protection, AI usage, and secure development.
Document architecture decisions, exceptions, risks, compensating controls, and approved security patterns.
Support continuous improvement of security architecture processes, documentation, and intake workflows.
Partner with Governance, Risk & Compliance, Legal, Privacy, and Procurement teams as needed.
Security Operations & Detection Enablement
Ensure systems are designed with appropriate security logging, SIEM integration, and visibility requirements to support SOC monitoring and incident response.
Work with SOC, Detection Engineering, EDR/XDR, SIEM, and Incident Response teams to embed visibility and response requirements into architecture.
Support investigations and post-incident reviews when architecture improvements or control enhancements are required.
Requirements:
5+ years of experience in cyber security, security architecture, cloud security, infrastructure security, application security, or related roles.
Strong understanding of enterprise security architecture principles.
Hands-on experience with cloud platforms such as Azure, AWS, and/or GCP.
Strong knowledge of identity and access management, including SSO, MFA, conditional access, RBAC, privileged access, and access governance.
Experience reviewing security architecture for SaaS platforms, enterprise applications, APIs, and integrations.
Familiarity with network security concepts, including segmentation, firewalls, VPN, ZTNA, proxies, DNS, TLS, and secure connectivity.
Understanding of endpoint security, EDR/XDR, device compliance, and secure workstation/server configurations.
Knowledge of data protection concepts such as encryption, DLP, classification, tokenization, secrets management, and key management.
5+ years of experience in cyber security, security architecture, cloud security, infrastructure security, application security, or related roles.
Strong understanding of enterprise security architecture principles.
Hands-on experience with cloud platforms such as Azure, AWS, and/or GCP.
Strong knowledge of identity and access management, including SSO, MFA, conditional access, RBAC, privileged access, and access governance.
Experience reviewing security architecture for SaaS platforms, enterprise applications, APIs, and integrations.
Familiarity with network security concepts, including segmentation, firewalls, VPN, ZTNA, proxies, DNS, TLS, and secure connectivity.
Understanding of endpoint security, EDR/XDR, device compliance, and secure workstation/server configurations.
Knowledge of data protection concepts such as encryption, DLP, classification, tokenization, secrets management, and key management.
This position is open to all candidates.
