Cyber Security Architect - Engineer Senior

Software Guidance & Assistance, Inc., (SGA), is searching for a Cyber Security Architect - Engineer Senior for a contract assignment with one of our premier Financial Services clients in Farmington Hills, MI
.

Responsibilities :

• Responsible for deploying, operationalizing, and maturing application level security capabilities in alignment with global Architecture & Engineering (AE) strategy.
• Seeking a deep technical expert who can identify, assess, and remediate application security risks, while partnering closely with development teams, cloud engineers, and business stakeholders to ensure secure, scalable, and compliant solutions.
• Application Security
  • Deploy and operate application security capabilities, tools, and standardized requirements across the region.
  • Identify, analyze, and document application level vulnerabilities in a systematic and repeatable manner.
  • Communicate identified risks and mitigation strategies to technical and non technical stakeholders.
  • Collaborate with development teams and market units to coordinate and track remediation activities.
  • Provide hands-on support for secure design, remediation efforts, and secure SDLC practices.
  • Report on remediation progress, risk posture, and compliance readiness.
  • Deliver targeted application security training and awareness sessions.
  • Support deployment and monitoring of applications hosted in Microsoft Azure.
  • Explain and support application authentication and authorization concepts.
• Secure Profiling & Threat Modeling
  • Identify and document application threats using STRIDE, C4 modeling, and MITRE methodologies.
  • Build data flow diagrams and comprehensive threat models for critical applications.
  • Provide actionable security recommendations based on threat modeling outputs.
  • Maintain tracking and coordination of remediation activities resulting from secure profiling engagements.
• Identity & Access Architecture
  • Design secure authentication and authorization models using:
    • OAuth 2.0
    • OpenID Connect (OIDC)
    • SAML 2.0
  • Implement secure integrations with Microsoft Entra  (Azure AD).
  • Guide teams on:
    • JWT token validation
    • Managed identities
    • Service-to-service authentication
    • RBAC and Conditional Access
    • Secure API authorization
• Azure Cloud Security
  • Secure Azure-native workloads, including App Services, Azure Functions, AKS, and Virtual Machines.
  • Architect secure network configurations: NSGs, private endpoints, firewalls.
  • Implement secrets management with Azure Key Vault.
  • Use Defender for Cloud and Azure Policy for governance and continuous security improvement.
  • Ensure observability and monitoring via Log Analytics and Sentinel.

Required
Skills
:

• Bachelor's or Master's in Computer Science, Information Security, Cybersecurity, Engineering, or related discipline (Required).
• CISSP - Required
• CCSP - Recommended
• Azure
  
  Certifications:
  • AZ 104 (Required)
  • AZ 500, AZ 700, AZ 140 (Recommended)
• Minimum 10 years of experience in cybersecurity architecture and engineering.
• Strong background in threat modeling and application security tools, such as:
  • Microsoft Threat Modeling Tool
  • Threat Modeler
  • Irius Risk
  • securiCAD
• Proven experience designing and implementing countermeasures for application risks.
• Demonstrated experience collaborating with development teams during architecture, design, implementation, testing, and UAT phases.
• Experience identifying, analyzing, and managing risk in complex enterprise environments.
• Hands-on experience with security tools including:
  • Red Seal
  • Fortify
  • Burp Suite
  • Qualys
  • Wiz
  • Crowd Strike
  • Defect Dojo
• Deep knowledge of architectural blueprints for data center and cloud environments, with emphasis on Azure (IaaS, PaaS, SaaS).
• Strong ability to detect vulnerabilities through code review, application testing, and infrastructure assessments.
• High proficiency deploying and configuring applications in large-scale enterprise environments.
• Working knowledge of:
  • NIST frameworks
  • OWASP Top 10
  • Enterprise grade security design patterns

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do.

Be yourself, love what you do and find your passion ase find us at .
#LI-AS1

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities.

Please visit our company to request an accommodation or assistance regarding our policy