Infrastructure Security Architect

About The Position

Requirements

• 7+ years in Infrastructure Security, DevSecOps, or Security Architecture
• Expertise in security frameworks: NIST 800-53, NIST CSF, CIS
• Extensive experience designing secure cloud and HPC environments
• Strong automation and engineering background (IaC, CI/CD, cloud-native security tooling)
• Offensive security experience (ethical hacking, red/purple team, threat modeling)
• Proven ability to lead cross-functional teams and drive organizational alignment
• Experience supporting audits, governance, and compliance initiatives

Nice To Haves

• Certifications: OSCP, CISSP, GIAC (GCSA, GMOB, GCPN), or similar
• Experience with SOC 2, HIPAA, PCI, or other regulated environments
• Experience with GPU clusters, HPC environments, or high-throughput compute systems
• Deep familiarity with cloud security (AWS, GCP, Azure)

Responsibilities

• Strategic Architecture & Long-Term Security Design
• Develop and maintain a holistic security architecture roadmap spanning HPC, cloud platforms, on-prem infrastructure, and internal applications.
• Architect solutions aligned with NIST 800-53, NIST CSF, CIS benchmarks, and other relevant frameworks.
• Establish and evangelize a Security-by-Design culture across engineering and operational teams.
• Automation & Engineering (DevSecOps)
• Build automated pipelines for security controls, monitoring, evidence collection, and audit readiness.
• Engineer automated hardening, patching, and configuration management solutions across infrastructure and cloud assets.
• Integrate security directly into CI/CD workflows, cloud provisioning, and infrastructure-as-code (IaC).
• Offensive Security & Risk Validation
• Conduct hands-on ethical hacking, security testing, threat modeling, and adversarial simulations to validate security controls.
• Identify systemic weaknesses, prioritize risks, and define technical mitigation strategies.
• Lead or support purple-team activities with Security, Infrastructure, and Software Engineering.
• Cross-Functional Leadership & Alignment
• Partner with Infrastructure, IT, Engineering, Software Development, Security, and Compliance to ensure unified execution of security policies.
• Translate regulatory and audit requirements into actionable engineering tasks.
• Act as a key technical advisor during audits to ensure evidence, control operation, and documentation meet standards.
• Governance, Policy, & Audit Support
• Architect scalable processes that ensure continuous audit readiness and reduce manual evidence creation.
• Define baseline security standards, technical controls, and operational guardrails.
• Support certifications, assessments, and customer security reviews.

Benefits

• Stock Options
• 100% paid Medical, Dental, and Vision insurance
• Life and Voluntary Supplemental Insurance
• Short Term Disability Insurance
• Flexible Spending Account
• 401(k)
• Flexible PTO
• Paid Holidays
• Parental Leave
• Mental Health Benefits through Spring Health