Information Security Architect

About The Position

Requirements

• Deep knowledge of networking (LAN/WAN, routers, firewalls), operating systems (Windows, Linux/Unix), cloud platforms (AWS, Azure, GCP), virtualization, and encryption.
• Expertise in identity and access management (IAM), vulnerability management, threat modeling, data loss prevention, and secure configuration.
• Familiarity with protocols, standards, and tools for authentication, cryptography, and monitoring.
• Experience with risk management frameworks and compliance.
• Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 5–10+ years of progressive experience in IT/security roles (e.g., security engineer, analyst, or consultant), with several years in architecture/design.
• Relevant certifications: CISSP, CCSP, CISM, CRISC, GCAD, GCIH, GPEN,
• Strong strategic thinking, problem-solving, and communication (explaining complex security concepts to non-technical stakeholders).
• Leadership and collaboration abilities.
• Ability to translate business requirements into technical security solutions.

Responsibilities

• Design and develop security architecture — Create comprehensive security frameworks for networks, systems, applications, cloud environments, and data protection (including reference models, segment architecture, and solution designs).
• Conduct risk assessments and threat modeling — Identify vulnerabilities, perform security assessments, penetration testing support, and evaluate risks across IT infrastructure before systems go live.
• Implement and integrate security solutions — Provide governance for deployment of firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), encryption, authentication protocols, access controls, and other tools (e.g., DLP, WAF, SIEM).
• Ensure compliance and alignment — Ensure security designs align with standards (e.g., NIST, ISO 27001, FFIEC, etc.), regulatory requirements, and business strategies, document architecture and support audits.
• Evaluate and recommend technologies — Research hardware/software, review new solutions for security gaps, and ensure security is integrated into development processes (e.g., secure SDLC, DevSecOps).
• Respond to incidents and improve posture — Investigate security events, review post-incident analysis, refine architectures, and help lead initiatives to strengthen overall security.
• Collaborate and provide guidance — Work with IT teams, developers, business stakeholders, and security engineers; coach teams on security best practices and defense-in-depth principles.
• Other Duties as Assigned.