Principal Cybersecurity Architect | 15+ years of exp. | Remote

TMS LLC•Boston, MA

1d•Remote

About The Position

We are seeking a highly experienced Principal Cybersecurity Architect with over 15 years of experience to join our team. This role is primarily focused on designing and implementing advanced cybersecurity solutions, with a strong emphasis on emerging technologies and secure development practices. The ideal candidate will have a deep understanding of cloud security, Zero Trust principles, and securing modern infrastructure like Kubernetes and AI/LLM pipelines. This is a remote position with a duration of 12+ months.

Requirements

15+ years of overall experience.
10+ years in Cybersecurity Architecture & Engineering.
Strong hands-on experience with Post-Quantum Cryptography (PQC) & Crypto-Agility frameworks.
Expertise in Confidential Computing & Trusted Execution Environments (TEE).
Experience with Identity Threat Detection & Response (ITDR).
Strong knowledge of SPIFFE/SPIRE for Zero Trust authentication.
Experience securing AI/LLM inference pipelines using TensorRT-LLM & Triton Inference Server.
Hands-on experience with Kubernetes Security & Kyverno policy enforcement.
Experience with Backstage IDP integration into security workflows.
Strong cloud security experience across AWS, Azure & GCP.
Expertise in Zero Trust Architecture, IAM/PAM, FIDO2, and Micro-Segmentation.
Strong experience with SIEM/SOAR, Detection Engineering & Incident Response Automation.
DevSecOps experience including SAST, DAST, SCA, SBOM, Secure SDLC.
Strong Kubernetes, Container, API & Service Mesh Security experience.
Experience with DLP, Encryption, Tokenization & HSM-based Key Management.

Nice To Haves

Experience in financial services, telecom, or government sectors.
Familiarity with regulatory frameworks (SOC2, ISO 27001, HIPAA, PCI-DSS).
Certifications such as CISSP, CISM, CCSP, AWS Security Specialty.
Experience leading large-scale security transformation programs.
Master’s degree in Computer Science, Cybersecurity, or related field.

Responsibilities

Design and engineer advanced cybersecurity architectures.
Implement Post-Quantum Cryptography (PQC) and Crypto-Agility frameworks.
Develop and deploy solutions for Confidential Computing and Trusted Execution Environments (TEE).
Implement Identity Threat Detection & Response (ITDR) strategies.
Utilize SPIFFE/SPIRE for Zero Trust authentication.
Secure AI/LLM inference pipelines using TensorRT-LLM & Triton Inference Server.
Enforce Kubernetes security policies using Kyverno.
Integrate Backstage IDP into security workflows.
Apply strong cloud security practices across AWS, Azure, and GCP.
Implement Zero Trust Architecture, IAM/PAM, FIDO2, and Micro-Segmentation.
Leverage SIEM/SOAR for detection engineering and incident response automation.
Incorporate DevSecOps practices, including SAST, DAST, SCA, SBOM, and Secure SDLC.
Secure Kubernetes, Containers, APIs, and Service Meshes.
Implement Data Loss Prevention (DLP), Encryption, Tokenization, and HSM-based Key Management.