Sr. Security Architect Manager
Listed on 2026-07-16
-
IT/Tech
Cybersecurity, Cloud Computing: Infrastructure & Operations, Systems Engineer
Sr. Security Architect Manager
Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on the business of water.
For additional information, please visit the company website.
Sr. Security Architect Manager
Position Summary
As Sr. Security Architect Manager, you will own Neptune's security architecture function across Enterprise, Cloud, and Product Security. You will define architecture strategy, standards, and reference architectures; lead a team of security architecture resources; and serve as the principal architecture partner to IT, Engineering, Cloud, and Product Development. You will drive security-by-design principles, ensure compliance alignment, and provide senior technical guidance during incidents and governance reviews.
Responsibilities:
Architecture Strategy & Leadership
- Own security architecture strategy across Enterprise, Cloud, and Product Security, aligned to business objectives and risk posture
- Define and maintain architecture standards, reference architectures, and reusable control patterns
- Lead architecture reviews for new initiatives, system changes, and product programs
- Manage and provide technical direction to a team of security architecture resources
- Govern architecture documentation, decision records, and compliance evidence artifacts
Cloud Security Architecture & Engineering
- Own cloud security architecture, landing zones, guardrails, and controls across AWS and Azure
- Oversee cloud security engineering, posture assessments, IaC security, and CI/CD pipeline hardening
- Enforce security-by-design and least-privilege across cloud networking, identity, and workloads
- Design and oversee security controls for AI/ML services (e.g., AWS Bedrock, Azure OpenAI, Sage Maker)
- Govern enterprise AI tool consumption to prevent sensitive data from reaching third-party LLM APIs or AI-enabled SaaS platforms
Security Posture, Detection & Monitoring
- Assess and improve cloud security posture using telemetry, CSPM, and logging platforms
- Identify misconfigurations, control gaps, and emerging risks across cloud environments
- Partner with Security Operations to improve visibility and response for cloud-related risks
- Critically assess AI-driven security tooling (CSPM, SIEM) to ensure detection quality
Product Security Architecture
- Own architecture oversight across Neptune's AMI product security program — meter endpoints, RF/cellular, cloud pipelines, and SaaS
- Direct product security architecture resources in threat modeling, design reviews, firmware assessments, and compliance translation
- Ensure product security aligns with IEC 62443, NIST SP 800-82, NIST SP 800-218 (SSDF), and SOC 2
- Serve as security architecture liaison between Cybersecurity and product development teams
Incident Response & Readiness
- Provide technical guidance during cloud and product security incidents — investigation, containment, and remediation
- Drive root cause analysis and architectural improvements following incidents
- Participate in tabletop exercises and threat modeling activities
Governance, Compliance & Collaboration
- Ensure environments align with internal standards and frameworks (CIS, NIST, IEC 62443, SOC 2, Roper Cyber Controls)
- Support audit and compliance efforts with architecture artifacts and technical evidence
- Research emerging threats and technologies to proactively strengthen defenses
- Leverage AI-assisted tools to accelerate security engineering, threat modeling, and compliance automation
Relevant Platforms (experience with several expected):
- Cloud: AWS, Azure
- Cloud Security & Posture: AWS Security Hub, AWS Config, Azure Policy, CSPM tools
- Identity & Access:
Microsoft AD / Entra , IAM, PAM - Detection & Monitoring: SIEM platforms, cloud logging and telemetry
- Product / IoT:
Embedded firmware tool chains, SAST/DAST/SCA, IEC 62443 frameworks - Dev Sec Ops & Automation:
IaC, CI/CD pipelines, scripting (Power…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).