Principal Security Architecture Specialist

About The Position

Requirements

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
• 7+ years of experience in information security, including architectural design
• Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements
• Hands-on experience with network, application, infrastructure, and cloud security technologies (e.g., firewalls, SIEM, IAM, encryption solutions, AWS/Azure/GCP)
• Professional certifications such as CISSP, CISM, CCSP, or SABSA strongly preferred
• Excellent analytical, communication, and interpersonal skills
• Ability to translate complex security requirements into practical technical solutions
• Experience building automated security solutions
• Strong security experience, particularly with focus in one of the following areas: Defensive & Offensive Security, Service architecture and Design Patterns
• Strong collaboration and communication skills

Nice To Haves

• Experience with DevSecOps practices and tools
• Familiarity with secure software development lifecycle (SDLC) methodologies
• Experience scaling operational activities via Python, Bash, and other tools
• DevOps or SRE experience operating large, distributed, continuously deployed services
• Knowledge on bridging security engineering requirements into the software development life cycle
• Security training and mentoring experience
• Experience with statistical/mathematical predictive modeling
• Experience with machine learning / artificial intelligence
• Experience designing resilient systems that support quick recovery
• Experience with container orchestration and management
• History of collaborating and integrating processes with software development teams, data scientists, business and other technical roles

Responsibilities

• Drive and champion security tool development (e.g. scanning tools)
• Consult software development teams in design and architecture of safe and secure systems through Threat Modeling and modeling exercises
• Champion and consult on secure development lifecycle practices
• Design and integrate verification and posture reporting mechanisms
• Define security configuration and implementation best practices
• Prototype, design, and implement security solutions for new and challenging problems
• Evaluate, select, and deploy technical security controls and tools to enhance protection of networks, applications, and data
• Conduct security risk assessments, threat modeling, and architecture reviews for critical systems and new initiatives
• Collaborate with IT and business units to integrate security into project lifecycle, including cloud migrations, new application deployments, and third-party solutions
• Define and maintain security policies, procedures, and technical documentation
• Monitor emerging threats and technology trends; recommend controls and risk mitigation strategies
• Participate in incident response activities, including investigation, remediation, and reporting on security incidents
• Provide mentorship and technical leadership to junior security team members
• Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, PCI DSS, SOX) and internal security requirements