Director Technology, Security Architecture, Operations & Engineering

Archer is an aerospace company based in San Jose, California building an all‑electric vertical takeoff and landing aircraft with a mission to advance the benefits of sustainable air mobility. We are designing, manufacturing, and operating an all‑electric aircraft that can carry four passengers while producing minimal noise. Our sights are set high and our problems are hard, and we believe that diversity in the workplace is what makes us smarter, drives better insights, and will ultimately lift us all to success.

We are dedicated to cultivating an equitable and inclusive environment that embraces our differences, and supports and celebrates all of our team members.

We are seeking a Director of Cybersecurity Architecture and Engineering to develop and implement Archer’s enterprise security infrastructure and technical strategy. You are a strategic, hands‑on technology expert and an excellent communicator who can see the big picture. Reporting directly to the CISO, you will lead the design and deployment of security architecture across identity, cloud, applications, and infrastructure, while ensuring strict compliance with NIST SP 800‑171, CMMC Level 2, SOX, and ITAR standards.

This role combines technical excellence with security strategy, requiring deep expertise in modern security tools, architecture patterns, and the ability to translate business risks into technical requirements that all teams can follow. You will work with cloud, application, identity, and infrastructure teams to develop a unified, defense‑in‑depth security architecture that helps Archer maintain federal contractor eligibility, achieve operational agility, and scale confidently.

• Design and implement a unified Zero Trust Architecture (ZTA) that spans identity, network, cloud, application, and infrastructure domains, establishing architecture standards and guiding principles for all security domains across Archer.
• Lead the architecture and technical design of cloud security infrastructure (AWS and Azure), including secure landing zones, network segmentation, encryption strategies, and shared security services (logging, threat detection, key management).
• Establish security control architecture aligned to NIST SP 800‑171 and CMMC Level 2 frameworks, translating control requirements into technical solutions and engineering roadmaps across the enterprise.
• Design and oversee the implementation of an identity and access management architecture (Okta, privileged access management, identity governance), ensuring scalability, auditability, and alignment with zero‑trust principles.
• Create and maintain security architecture blueprints and technical reference architectures (cloud, microservices, Dev Sec Ops ) that enable consistent, secure design across all engineering teams.
• Establish Dev Sec Ops  architecture and practices, including CI/CD security gates, infrastructure‑as‑code scanning, supply chain security, and automated compliance evidence collection integrated into the development pipeline.
• Lead security architecture reviews for major infrastructure, cloud, and application projects, ensuring security requirements are integrated early, and tradeoffs between security and business needs are documented.
• Drive the design and implementation of enterprise security tooling strategy (SIEM, CSPM, endpoint detection, threat intelligence), ensuring tools integrate seamlessly and reduce operational friction.
• Establish threat modeling and attack surface management practices across engineering teams, prioritizing investments based on residual risk and business impact.
• Mentor and lead security engineers and architects, establishing technical standards, conducting design reviews, and building a strong security engineering culture.
• Stay current with emerging threats, architectural patterns, and security technologies, representing Archer at industry forums and translating external security research into internal architectural improvements.
• Communicate security architecture and risk posture clearly to executive leadership, boards, and external auditors, translating technical complexity into business language.