Cybersecurity Architect

Overview

We are seeking a Cybersecurity Architect to serve as a strategic bridge across IT, engineering, product, and Cybersecurity teams. This role is responsible for evaluating and designing security solutions across enterprise technology environments, including on-premises, hybrid, SaaS, and cloud (where applicable).

You will translate business objectives and regulatory requirements into scalable security architectures, standards, and reusable design patterns that empower delivery teams to build secure solutions. In addition, you will act as a technical leader and subject matter expert (SME) for Cybersecurity architecture and related technologies.

• Act as a trusted Cybersecurity architecture SME, aligning security solutions with enterprise strategy, business outcomes, and organizational risk posture across technology domains.
• Partner with business, IT, engineering, and cybersecurity stakeholders to gather and define end-user requirements; convert these needs into actionable security architecture guidance, control objectives, and design recommendations.
• Assess technical feasibility and architectural tradeoffs of proposed solutions, ensuring security requirements are practical, scalable, and aligned with enterprise standards.
• Develop, own, and maintain enterprise security reference architectures, secure design patterns, and architectural guardrails for core capabilities such as Identity and access management;
  Network security and segmentation;
  Endpoint and workload protection;
  Application security;
  Data protection;
  Logging and monitoring;
  Secure remote access.
• Define and govern security architecture principles grounded in recognized engineering best practices (e.g., least privilege, defense-in-depth, secure-by-design, segmentation) and promote adoption through standards, reviews, and enablement.
• Perform architecture and design reviews for new initiatives and significant changes; document decisions, assumptions, residual risks, and compensating controls while recommending clear remediation actions.
• Establish measurable, testable, and traceable security requirements and control objectives for platforms, systems, and services (while not owning delivery execution).
• Collaborate with Cybersecurity Technology teams to influence product and technology roadmaps, maturity strategies, and prioritized capability enhancements based on threat trends, business direction, and architecture gaps.
• Build strong relationships with senior leaders and stakeholders to understand business priorities and advise on how security architecture can enable secure and timely delivery.
• Create and maintain security architecture documentation, including standards, patterns, diagrams, and decision records; provide guidance, coaching, and mentorship to elevate engineering and cybersecurity capabilities.

• 10+ years of experience in information technology, information security, and/or cybersecurity.
• Demonstrated experience designing security architectures in enterprise-scale environments, including identity, network segmentation, data protection, and security monitoring.
• Working knowledge of security control design and implementation (e.g., IAM, MFA, encryption, logging/monitoring, vulnerability management, endpoint/workload protection).
• Experience partnering with engineering and infrastructure teams to deliver secure solutions using iterative delivery models.
• Proven ability to translate security requirements into clear, actionable technical designs.
• Strong communication skills with the ability to explain complex technical concepts to diverse audiences and produce clear architectural artifacts (reference architectures, standards, patterns, and risk decision records).

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Systems, or a related discipline.
• 3+ years of experience in cloud cybersecurity.
• Experience designing and architecting cloud security solutions.
• Background serving as a technical leader or mentor.
• Experience securing hybrid environments (on-premises, cloud, and SaaS), including secure connectivity, segmentation, and identity boundary…