About the Role
We are seeking a highly skilled Cybersecurity Architect to support our Chief Information Security Officer (CISO) in developing, maturing, and maintaining the organization's cybersecurity architecture. This role is critical in designing and implementing robust security frameworks that protect our enterprise assets and align with industry best practices. The ideal candidate will lead or assist in the creation and implementation of security strategies, standards, and roadmaps to safeguard our digital infrastructure.
Core Responsibilities
- Architecture Design & Implementation: Develop and maintain a comprehensive cybersecurity architecture that integrates security controls across network, cloud, application, and data layers.
- Strategic Support: Collaborate with the CISO to define security vision, strategy, and roadmaps, ensuring alignment with business objectives and regulatory requirements.
- Security Frameworks: Establish and enforce security standards, policies, and guidelines based on NIST, ISO 27001, CIS, and other relevant frameworks.
- Risk Assessment: Conduct security assessments, threat modeling, and gap analyses to identify vulnerabilities and recommend mitigation strategies.
- Solution Evaluation: Evaluate and recommend security technologies, tools, and vendors to enhance the organization's security posture.
- Cross-Functional Collaboration: Work closely with IT, engineering, and business teams to embed security into system and application design (DevSecOps).
- Incident Response Support: Provide architectural expertise during security incidents and contribute to root cause analysis and remediation planning.
- Documentation & Communication: Create and maintain architecture diagrams, technical documentation, and executive summaries for diverse stakeholders.
- Mentorship: Guide and mentor junior security engineers and architects, fostering a culture of security excellence.
Required Qualifications
- Experience: 7+ years of progressive experience in cybersecurity, with at least 3 years in a senior architecture role.
- Technical Expertise: Deep knowledge of network security, cloud security (AWS, Azure, GCP), identity and access management (IAM), encryption, endpoint security, and zero trust principles.
- Frameworks & Standards: Proven experience with NIST Cybersecurity Framework, ISO 27001, CIS Controls, and PCI DSS.
- Architecture Tools: Proficiency in creating architectural diagrams (e.g., Visio, Lucidchart) and using security assessment tools (e.g., Nessus, Qualys, Burp Suite).
- Certifications: CISSP, CISM, TOGAF, or equivalent industry certifications required. SANS/GIAC certifications strongly preferred.
- Communication: Excellent verbal and written communication skills, with the ability to present complex security concepts to non-technical leadership.
- Problem-Solving: Strong analytical and critical-thinking abilities, with a proactive approach to identifying and addressing security risks.
Preferred Skills
- Cloud Security: Hands-on experience with cloud security architecture, including CASB, CSPM, and cloud-native security services.
- Application Security: Familiarity with secure SDLC, SAST/DAST tools, and API security.
- Threat Intelligence: Experience leveraging threat intelligence to inform architecture decisions and proactive defenses.
- Automation: Scripting or programming skills (Python, PowerShell) for automating security processes and integration.
- Regulatory Knowledge: Understanding of data privacy regulations (GDPR, CCPA, etc.) and industry-specific compliance requirements.
- Emerging Technologies: Awareness of AI/ML security, IoT security, and blockchain security concepts.
What Makes This Opportunity Stand Out
This role offers a unique chance to directly influence the security posture of a dynamic organization, working alongside an experienced CISO and a dedicated team. You will have the autonomy to shape architecture decisions, leverage cutting-edge technologies, and contribute to a culture of continuous improvement. The position provides excellent avenues for professional growth through exposure to diverse security challenges, collaboration with cross-functional teams, and opportunities to attend industry conferences and training. If you are passionate about building resilient security architectures and driving strategic security initiatives, this role is ideal for you.