Information Security Architect

About The Position

Requirements

• Bachelor's Degree required.
• 8+ years of experience in cybersecurity, security architecture, cloud security, infrastructure security, or related technical disciplines.
• Strong experience designing and implementing enterprise security architectures and technical security standards.
• Familiarity with AI security concepts, secure AI platform adoption, and risks associated with generative AI technologies.
• Deep technical knowledge of AWS, Azure, hybrid cloud environments, and cloud-native security capabilities.
• Experience with Zero Trust architecture, ZTNA, micro segmentation, network security controls, and endpoint security technologies.
• Hands-on experience with identity security concepts including SSO, MFA, federation, PAM, RBAC/ABAC, and identity governance.
• Experience supporting application security and DevSecOps initiatives including CI/CD security, API security, threat modeling, and secure SDLC practices.
• Experience with enterprise security technologies including EDR/XDR, SIEM, DLP, CASB, vulnerability management, CSPM, and cloud-native security tooling.
• Strong analytical, troubleshooting, and problem-solving skills with the ability to work independently on complex technical initiatives.
• Strong communication skills with the ability to explain technical security concepts to both technical and non-technical stakeholders.

Nice To Haves

• Experience in financial services or other highly regulated industries.
• Professional certifications such as CISSP, CCSP, CISM, SABSA, AWS Security Specialty, Azure Security Engineer, or GIAC certifications.
• Familiarity with regulatory and security frameworks including NIST CSF, ISO 27001, CIS Controls, SOX, GLBA, NYDFS, and PCI-DSS.
• Experience with scripting, automation, Infrastructure-as-Code, and security engineering enablement practices.
• Experience supporting enterprise modernization initiatives involving cloud transformation, Zero Trust, AI enablement, and secure platform engineering.

Responsibilities

• Develop enterprise security reference architectures, technical standards, secure design patterns, and implementation guidance.
• Perform architecture and design reviews for enterprise applications, cloud platforms, infrastructure services, and technology integrations.
• Conduct threat modeling and technical risk assessments to identify security gaps and recommend mitigation strategies.
• Create secure configuration baselines and security blueprints for enterprise platforms and shared technology services.
• Design scalable and reusable security patterns that promote consistency, resiliency, and operational efficiency across environments.
• Design and implement secure architecture patterns for AWS, Azure, hybrid cloud, and on-premises environments.
• Define cloud security guardrails, network segmentation patterns, logging standards, and access control models.
• Partner with cloud and infrastructure teams to implement secure-by-default cloud services and platform configurations.
• Support container security, Kubernetes security, Infrastructure-as-Code (IaC) security, and DevSecOps initiatives.
• Evaluate and integrate cloud-native security tooling including CSPM, CWPP, secrets management, and workload protection technologies.
• Design secure network architectures leveraging Zero Trust principles, ZTNA, micro segmentation, secure remote access, and software-defined perimeter concepts.
• Develop network security standards related to segmentation, east-west traffic controls, secure connectivity, and enterprise access patterns.
• Partner with endpoint engineering teams to improve endpoint hardening, EDR/XDR integrations, device security, and enterprise visibility capabilities.
• Support secure architecture design for remote workforce technologies, enterprise mobility, and distributed enterprise environments.
• Collaborate with Identity Security teams to design secure authentication, authorization, federation, and privileged access architectures.
• Integrate identity-centric security controls into enterprise applications, cloud platforms, and infrastructure environments.
• Support implementation of Zero Trust identity principles including least privilege access, adaptive authentication, and strong identity governance controls.
• Partner with development and DevOps teams to integrate security controls into the software development lifecycle and CI/CD pipelines.
• Perform secure application architecture reviews and support secure coding, API security, secrets management, and software supply chain security initiatives.
• Conduct application threat modeling and advise on secure design approaches for modern applications and APIs.
• Evaluate AI platforms, generative AI tools, and AI-assisted development technologies to identify security risks and define secure usage patterns.
• Develop security guidance for AI model governance, secure AI development, data protection, and responsible AI adoption.
• Support enterprise data security initiatives including encryption, data classification, DLP, tokenization, and key management architectures.
• Design and integrate foundational security capabilities that improve enterprise protection, telemetry, automation, and resiliency.
• Evaluate third-party technologies and conduct technical security assessments for vendor platforms and enterprise integrations.
• Support automation and engineering initiatives that improve operational efficiency, security visibility, and control effectiveness.

Benefits

• Competitive base salary plus discretionary annual bonus for select positions
• A 401(k) plan with a generous annual profit-sharing contribution
• Personalized development and career opportunities, including tuition reimbursement support
• Comprehensive medical, dental, and vision plans with zero contributions for employee coverage
• Employee assistance (EAP) and wellness programs
• Hybrid work environment: 60% in office, 40% remote for most positions
• Paid time off and paid parental leave
• Employer-paid life insurance and short- and long-term disability coverage
• Legal services and financial wellness plans at no cost to employees