Cybersecurity Architect - Threat and Vulnerability Management

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, or related experience
• 7+ years of experience in cybersecurity, with at least 2–3 years in architecture or senior engineering roles
• Hands on experience in Cyber Threat and Offensive Security operations to test and validate the effective operation of security controls, measuring the ability to stop threats and attacks at the earliest point in the kill chain
• Strong knowledge of network security, cloud security (AWS/Azure/GCP), and enterprise architectures
• Strong understanding of the fundamental operations of servers, operating systems, networks, cloud applications and infrastructure along with an advanced understanding of the key controls required for secure operation of these systems
• Experience scripting in at least one of the following languages: PowerShell, Python, JavaScript
• Experience in aligning threat and vulnerability management efforts to frameworks and control objectives - MITRE ATT&CK, NIST CSF, ISO27001, Center for Internet Security, OWASP
• Experience integrating the following tools and capabilities into a successful threat and vulnerability program – Security Orchestration Automation and Response, Security Information and Event Management, Vulnerability Scanning, Security Threat Feeds, Red Team Tooling
• Knowledge of Zero Trust architecture and modern identity security practices

Responsibilities

• Design and evolve enterprise security architecture with a strong emphasis on secure-by-design principles, ensuring security is embedded early in system and application lifecycles
• Lead the development and adoption of secure design patterns and reference architectures, particularly for cloud-native and SaaS-based environments
• Act as a key liaison between Red Team and Blue Team, translating adversarial findings into architectural improvements, detection use cases, and resilient system designs
• Plan and execute Purple Team exercises to validate security controls across infrastructure, applications, and SaaS platforms, ensuring visibility and response capabilities are effective
• Develop and maintain threat models for critical systems, including SaaS integrations, APIs, and identity flows, identifying attack paths and prioritizing mitigations
• Define and enforce security architecture standards for SaaS adoption
• Assess and secure SaaS ecosystems, including third-party integrations, OAuth applications, and API exposure risks
• Evaluate and recommend controls for modern architectures, including Zero Trust, microservices, containers, and serverless environments
• Drive improvements in detection engineering by mapping adversary TTPs (e.g., via MITRE ATT&CK) to logging, alerting, and response capabilities
• Collaborate with cloud and platform teams to ensure secure configuration and continuous compliance across SaaS and IaaS environments
• Conduct architecture risk assessments and provide actionable remediation strategies aligned with business risk tolerance
• Promote security observability across SaaS platforms by ensuring proper logging, telemetry, and integration with SIEM/SOAR solutions
• Mentor engineers and architects on secure design principles, SaaS security risks, and adversarial thinking

Benefits

• benefits
• discretionary bonus