Cyber Security Architect II

Job Summary

Roush is looking to add a Cyber Security Architect II to join their team. The position is a hybrid role located in Livonia, MI.

• Lead the implementation and optimization of security and compliance capabilities within Microsoft 365, ensuring alignment with Roush’s security requirements and regulatory requirements.
• Design, implement, and manage Identity and Access Management (IAM) strategies, including role-based access control (RBAC), least privilege principles and multi-factor authentication (MFA) solutions.
• Perform vulnerability assessments and remediation. Collaborate with technical teams to prioritize and remediate vulnerabilities based on risk.
• Audit endpoint and server patching processes to identify gaps, ensure timely remediation, and improve overall patch compliance.
• Define and implement technical and business processes for data protection, leveraging tools to safeguard sensitive data and ensure privacy, security, and integrity.
• Collaborate with Dev Ops teams to integrate security practices into the software development lifecycle (SDLC), including secure coding standards, code review processes, and automated security testing.
• Lead cyber security education and simulated phishing tests.
• Evaluate and manage third‑party vendor security risks, conduct security assessments and ensure business associates comply with security requirements.
• Conduct ongoing research into evolving threat landscapes, vulnerabilities, and mitigation techniques to inform detection, response, and remediation strategies.

• Bachelor’s degree in computer science, computer engineering, or related experience.
• Minimum of 5 years of hands‑on experience managing Microsoft 365 security tools or comparable cloud platforms (e.g., Vulnerability Management, EDR) with a strong focus on risk-based remediation.
• U.S. Citizen or U.S. Permanent Resident allowing for International Traffic in Arms Regulations (ITAR) compliance.
• Experience with cloud-delivered commercial and government-based solutions such as Microsoft M365‑E5/Azure, Amazon Web Services and Google Cloud Platform, and experience with IT backup and disaster recovery systems.
• Working knowledge of NIST CSF, 800‑171, CMMC, ISO‑27001, TISAX, MS‑365 Security & Compliance, DLP, SIEM, EDR, Email Security, Vulnerability Management, Incident management, TCP/IP, DNS, and DHCP.
• Knowledge of firewalls, switches, servers (Windows, Linux) and databases.
• Understanding and proficiency with SAN (Storage Area Network) and NAS (Network Attached Storage), LAN and WAN concepts and configurations such as routing, cabling, VPN, and ISP options.
• Ability to act effectively as a technical resource.
• Excellent communication skills including ability to interact effectively with customers, vendors, and team members and strong leadership and organizational skills.

• Master’s degree in business or information technology or related field.
• Minimum 5 years of professional experience supporting, securing, and maintaining networks, servers, and cloud environments.
• Certification(s) in information security such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), etc.
• Hands‑on experience designing, implementing, and operating enterprise security controls, platforms, and tooling across cloud and on‑prem environments.

Medical, dental, vision, life insurance, earned sick time, STD, LTD, 401(k), tuition reimbursement, paid vacation, paid holidays, and more.

Roush is an Equal Opportunity employer – Veterans/Disabled and other protected categories.