Information Security Architect

About The Position

Requirements

• 7+ years of progressive work experience in information security or an equivalent combination of education and work experience.
• Deep knowledge of security frameworks (NIST, ISO 27001, HITRUST, PCI DSS), secure network and application design, and cloud security models.
• Hands-on experience with security technologies: SIEM, EDR, IAM, DLP, PKI, firewalls, vulnerability management, and encryption.
• Experience with AWS, Azure, or Google Cloud security architectures.
• Strong understanding of identity management, authentication, and access control principles.
• Strong knowledge regarding common attacks, attack methods, and defense architectures.
• CISSP (Certified Information Systems Security Professional) or other related information security certifications are required.

Nice To Haves

• Advanced degree in Cybersecurity or related field.
• Experience in highly regulated industries (e.g., healthcare, financial services).

Responsibilities

• Develop and maintain the enterprise security architecture, ensuring it aligns with business strategy and IT initiatives.
• Define security requirements for new systems, applications, and network designs.
• Provide subject matter expertise on security best practices, frameworks, and emerging threats.
• Evaluate, design, and implement security solutions, including firewalls, intrusion prevention systems, identity and access management, endpoint protection, and cloud security.
• Ensure secure integration of on-premises, cloud, and hybrid environments.
• Lead proof-of-concept (POC) testing for security technologies and recommend adoption where appropriate.
• Ensure architecture is compliant with security frameworks such as NIST CSF, HITRUST, ISO 27001, and applicable regulatory requirements (HIPAA, PCI-DSS, GDPR, etc.).
• Collaborate with risk management to assess, document, and mitigate security risks.
• Maintain architectural documentation and enforce security design patterns.
• Partner with enterprise architects, infrastructure teams, application developers, and business units to embed security into projects from inception.
• Provide mentorship and guidance to security engineers and analysts.
• Serve as a technical escalation point for complex security issues.
• Research emerging threats and security technologies to improve defenses.
• Recommend enhancements to policies, standards, and procedures to strengthen security posture.
• Participate in security incident response activities, providing architectural guidance to containment and remediation efforts.

Benefits

• The anticipated range for this position is $145,000 - $170,000.
• This position also qualifies for up to 10% annual bonus based on Company, department, and individual performance.