Director - Security Architecture, Operations, and Engineering

About The Position

Requirements

• Bachelor’s degree in computer science, Information Security, Engineering, or related field (or equivalent work experience).
• 10 plus years of experience in Security Engineering, Cloud Architecture, Infrastructure Design, or related roles, with a minimum of 3 years in a lead or principal architect role designing enterprise-scale security architectures.
• Expert-level understanding of Zero Trust Architecture (ZTA) principles and hands-on experience designing and implementing ZTA across multiple domains (identity, network, cloud, application).
• Deep technical expertise in cloud security architecture (AWS and Azure), including networking, identity services, compute security, data protection, and logging.
• Hands-on architecture experience with identity and access management platforms (Okta, Azure AD) and privileged access management solutions.
• Expert-level understanding of NIST SP 800-171 and CMMC Level 2 frameworks, with the ability to design control architecture and technical solutions that satisfy compliance requirements.
• Strong knowledge of SOX ITGC requirements, ISO 27001 architecture, and ability to design controls that balance security and operational needs.
• Architecture and design experience with infrastructure-as-code, containerization, Kubernetes, and DevSecOps practices.
• Proficiency in threat modeling methodologies and ability to assess residual risk in complex systems.
• Strong communication skills to present security architecture to technical teams, executive leadership, and boards, translating technical concepts into business language.
• You’re a utility player with demonstrated ability to lead and mentor teams, define standards, and drive cross-functional initiatives.

Nice To Haves

• Experience in Aerospace, Defense, or Federal Contractor industries, including familiarity with CMMC, FedRAMP, and DoD contract requirements.
• Hands-on experience with security architecture in highly regulated environments (financial services, healthcare, defense).
• Deep expertise in advanced threat detection, incident response architecture, and SIEM/SOAR design.
• Architecture experience with API security, microservices security, and supply chain security (software composition, SBOM, secure supply chain practices).
• Professional certifications such as CISSP, CCSK, or cloud architecture certifications (AWS Solutions Architect Professional, Azure Solutions Architect Expert), combined with a security focus.
• Published research, speaking experience, or thought leadership in security architecture.
• Advanced degree in Cybersecurity, Computer Science, or Engineering.
• Experience designing and implementing enterprise security automation and orchestration platforms.
• Background in building and scaling security engineering teams.

Responsibilities

• Design and implement a unified Zero Trust Architecture (ZTA) that spans identity, network, cloud, application, and infrastructure domains, establishing architecture standards and guiding principles for all security domains across Archer.
• Lead the architecture and technical design of cloud security infrastructure (AWS, Azure, and GCP), including secure landing zones, network segmentation, encryption strategies, and shared security services (logging, threat detection, key management).
• Establish security control architecture aligned to NIST SP 800-171 and CMMC Level 2 frameworks, translating control requirements into technical solutions and engineering roadmaps across the enterprise.
• Design and oversee the implementation of identity and access management architecture (Okta, privileged access management, identity governance), ensuring scalability, auditability, and alignment to zero trust principles.
• Create and maintain security architecture blueprints and technical reference architectures (cloud, microservices, DevSecOps) that enable consistent, secure design across all engineering teams.
• Establish DevSecOps architecture and practices, including CI/CD security gates, infrastructure-as-code scanning, supply chain security, and automated compliance evidence collection integrated into the development pipeline.
• Lead security architecture reviews for major infrastructure, cloud, and application projects, ensuring security requirements are integrated early, and tradeoffs between security and business needs are documented.
• Drive the design and implementation of enterprise security tooling strategy (SIEM, CSPM, endpoint detection, threat intelligence), ensuring tools integrate seamlessly and reduce operational friction.
• Establish threat modeling and attack surface management practices across engineering teams, prioritizing investments based on residual risk and business impact.
• Mentor and lead security engineers and architects, establishing technical standards, conducting design reviews, and building a strong security engineering culture.
• Stay current with emerging threats, architectural patterns, and security technologies, representing Archer at industry forums and translating external security research into internal architectural improvements.
• Communicate security architecture and risk posture clearly to executive leadership, boards, and external auditors, translating technical complexity into business language.