Senior Security Architect

Dispel is redefining how the world’s most critical industries connect, protect, and operate. Built for both operational technology (OT) and security teams, our Zero Trust Engine delivers secure, scalable connectivity across every make, model, and generation of equipment—enabling fast, reliable remote access, industrial data streaming, and integrated threat monitoring.

We are seeking a Senior Security Architect to lead offensive security operations and product security assurance for our Zero Trust Engine (ZTE) platform and enterprise infrastructure. You will be the technical authority for security architecture decisions, conducting internal red team operations, threat modeling, and building security into our CI/CD pipelines while supporting the maturation of our Security Operations Center.

• Plan and execute internal red team engagements against the ZTE platform and corporate infrastructure.
• Conduct regular penetration testing of applications, APIs, cloud infrastructure (AWS Gov Cloud), and network segments.
• Develop and maintain adversary emulation capabilities aligned with MITRE ATT&CK for IC S.
• Document findings with actionable remediation guidance and track to resolution.
• Coordinate with external penetration testing firms for annual assessments.
• Lead threat modeling sessions for new features and architectural changes using STRIDE, PASTA, or attack trees.
• Review and approve security architecture for product changes before implementation.
• Participate in Change Control Board (CCB) reviews with security sign‑off authority.
• Define security requirements and acceptance criteria for development teams.
• Maintain threat models for ZTE components including Moving Target Defense, access control, session recording, and password vaulting.
• Design and implement deception technologies and honeypots within the product and infrastructure.
• Collaborate with SOC to.sidebar to develop detection rules based on offensive findings.
• Create purple‑team exercises bridging red team operations with blue team response.
• Develop adversary playbooks that inform SOC runbooks.
• Implement and maintain security controls in CI/CD pipelines (SAST, DAST, SCA, secrets scanning, container scanning કેટલી).
• Define and enforce security gates for code promotion.
• Review infrastructure‑as‑code for security misconfigurations.
• Integrate security testing into Git Hub workflows.
• Establish software supply chain security controls (SBOM generation, dependency verification).
• Stand up and operationalize a vulnerability management program in coordination with SOC.
• Define vulnerability severity thresholds, SLAs, and escalation procedures.
• Triage and prioritize vulnerabilities based on exploitability and business context.
• Track remediation progress and report metrics to leadership.
• Partner with SOC team on playbook development for incident response.
• Provide offensive perspective on detection gaps and coverage.
• Support SOC maturation through training, tabletop exercises, and purple‑team activities.
• Contribute to SIEM rule development and tuning (Google Sec Ops).

• 8‑12 years of experience in cybersecurity, with 5+ years in offensive security, application security, or security architecture.
• Proven experience conducting penetration testing and red team operations.
• Strong knowledge of cloud security (AWS required; Azure/GCP beneficial).
• Experience with CI/CD security tooling and Dev Sec Ops  practices.
• Hands‑on experience with threat modeling methodologies.
• Proficiency in at least one scripting/programming language (Python, Go, Bash).
• Understanding of OT/ICS security concepts and protocols.
• Experience with vulnerability management tools and processes.
• Excellent written and verbal communication skills.
• Preferred:
  Experience with Moving Target Defense or software‑defined perimeter technologies.
• Background in OT/ICS environments (SCADA, PLCs, industrial protocols).
• Experience with compliance frameworks:
  FedRAMP, CMMC, IEC 62443, NERC‑CIP, NIST 800‑53/800‑82.
• Familiarity with zero‑trust architecture principles.
• Experience with AWS Gov Cloud.
• Previous startup or high‑growth company experience.
• Certifications, if any (preferred): OSCP, OSCE, OSWE,…