Associate Enterprise Security Architect

About The Position

Requirements

• 2 to 5+ years of experience in information security, security engineering, IT, systems engineering, or related technical roles.
• Working knowledge of core security domains: IAM, network security, endpoint security, vulnerability management, encryption, and logging/monitoring, data protection.
• Familiarity with cloud concepts and shared responsibility (AWS, Azure, and/or GCP) and how security guardrails are implemented in cloud environments.
• Experience with design and implementation of AI security controls for enterprise environments.
• Ability to translate security risk into clear requirements and actionable guidance for engineering and IT teams.
• Strong documentation and communication skills (comfortable writing standards and presenting to stakeholders).
• Understanding of common security frameworks and control concepts (e.g., NIST CSF, NIST AI RMF, NIST 800-53, CIS Controls, OWASP, PCI/DSS, etc.).
• Familiarity with SABSA Enterprise Security methodology
• Self-accountability is a must

Nice To Haves

• Exposure to enterprise architecture concepts (capability models, target-state roadmaps, architecture review boards).
• Exposure to SABSA Enterprise Security methodology, in practice.
• Experience contributing to Zero Trust programs, segmentation strategies, enterprise IAM modernization and enterprise AI security.
• Familiarity with GRC processes (risk exceptions, control mapping, audit support), without being purely a compliance role.
• Experience with security architecture modeling or diagramming (e.g., C4, ArchiMate, Visio/Lucidchart).
• Experience in security solutions design and evaluation.
• Certifications (nice to have, not required): SABSA Foundation, CCSP, Security+, AZ-500, AWS Security Specialty, CISSP (Associate), Logging/SIEM/Security Vendor certifications

Responsibilities

• Assist in developing and maintaining enterprise security architecture standards, patterns, reference architectures and designs (identity, network segmentation, endpoint, cloud, application, data protection, AI, etc.).
• Assist in building the Enterprise Security Architecture framework for the company utilizing SABSA methodology at the direction of a SABSA certified architect.
• Participate in architecture and design reviews to ensure major initiatives align with enterprise security principles, approved patterns, and business objectives.
• Help define security requirements and controls that can be reused across teams, products, and platforms, including AI controls focused on GenAI, Agents, Agentic, MCP, RAG, etc.
• Support the creation and maintenance of target-state security roadmaps (e.g., Zero Trust adoption, logging and detection strategy, IAM modernization, AI Security).
• Contribute to security governance processes, including exception handling, risk acceptance support, and documenting architectural decisions.
• Partner with Security Engineering and IT to ensure enterprise standards can be implemented operationally (pragmatic, measurable, and supportable).
• Assist in vendor and technology evaluations to ensure tools align with architectural standards and integrate with the broader ecosystem.
• Help map security architecture to compliance frameworks and internal policies (NIST CSF, NIST AI RMF, SOC 2, ISO 27001, PCI DSS, etc.), ensuring designs support auditability.
• Contribute to metrics and reporting on architecture adoption (pattern usage, exceptions, gaps, and roadmap progress).
• Maintain clear architecture documentation and communicate standards to stakeholders through presentations, docs, and working sessions.