Information Security Architect

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent professional experience.
• 6–7+ years of hands-on experience in information security, security engineering, cloud security, or closely related roles.
• Demonstrated experience leading security architecture or design decisions for production cloud and/or corporate environments.
• Strong working knowledge of at least one major cloud platform (AWS, Azure, or GCP), including IAM, networking, encryption, key management, and logging.
• Practical experience across corporate security domains such as identity and access management, endpoint security, SaaS governance, and data protection.
• Ability to independently assess risk, define security control objectives, and translate them into clear architectural guidance and implementation requirements.
• Ability to drive architectural consistency across diverse cloud and corporate systems with varying ownership and constraints.
• Experience balancing security risk reduction with delivery speed, usability, and operational realities.
• Excellent written and verbal communication skills, with the ability to influence and align technical and non-technical stakeholders.
• Strong organizational and prioritization skills; ability to manage multiple initiatives in a fast-paced environment.
• Experience in a SaaS or cloud-first organization.

Nice To Haves

• Experience supporting SOC 2, ISO 27001, and customer security assessments.
• Familiarity with infrastructure-as-code, CI/CD pipelines, and cloud-native architectures.
• Experience with SSO/IdP platforms, MDM/endpoint management tools, and modern SaaS security controls.
• Security certifications such as AWS Security Specialty, CCSK, SSCP, CISSP (Associate or full), or equivalent.

Responsibilities

• Lead the design and evolution of security architecture across cloud infrastructure, SaaS platforms, and corporate information systems, ensuring solutions are secure-by-design, scalable, and operationally sustainable.
• Own and maintain security architecture standards, reference architectures, and secure design patterns spanning identity and access management, data protection, logging/telemetry, endpoint security, and third-party integrations.
• Conduct and lead security architecture reviews for new systems, material changes, vendor tools, and integrations; document decisions, required control outcomes, and implementation guidance that teams can execute.
• Drive threat modeling and architectural risk assessments for strategic initiatives; translate findings into prioritized remediation plans and architecture improvements that balance risk reduction with usability and delivery velocity.
• Define and validate cloud security control expectations, including IAM, network segmentation, encryption and key management, secrets management, centralized logging, and least-privilege access models; validate adoption through partnership with engineering and IT.
• Influence detection and response architecture in collaboration with SecOps to improve visibility, telemetry quality, and response effectiveness; support investigations by providing architectural context and remediation guidance as needed.
• Partner with Security Engineering, Application Security, Security Operations, and GRC to ensure security controls are consistently designed and implemented across prevention, detection, response, and governance/audit domains (e.g., SOC 2, ISO 27001, and customer requirements).
• Create clear and accessible architecture documentation (standards, diagrams, patterns, decision records) and communicate security tradeoffs effectively to both technical and non-technical stakeholders.
• Mentor and guide security practitioners and cross-functional partners by improving shared understanding, raising architectural maturity, and promoting consistent adoption of security patterns and secure-by-default approaches.
• Demonstrate an AI-forward mindset and proficiency by actively using AI tools to improve productivity, quality, and decision-making in security architecture and engineering workflows, and be able to speak to real-world examples of using AI to conduct work and to design and implement practical, secure solutions (e.g., accelerating architecture documentation, threat modeling, control validation, detection logic development, policy/standard drafting, or automating analysis).

Benefits

• A Great Company Culture that has been recognized by multiple organizations like Inc, and Salt Lake Tribune
• Comprehensive health, life, and disability insurance
• Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life
• 401k plans with up to 6% company match
• $2000 Paid-Paid Vacation bonus
• EAP through Headspace
• Check out all our benefits that benefit you