Principal, Security Architecture

About The Position

Requirements

• 10+ years of experience in cybersecurity, security architecture, or information security, with a focus on enterprise architecture and solution design preferred
• Deep expertise in security architecture frameworks, secure design principles, and enterprise technology environments
• Strong understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements
• Experience leading architecture reviews, defining standards, and guiding secure solution development
• Demonstrated ability to collaborate with cross-functional teams and influence technical and business stakeholders
• Strong leadership, communication, and problem-solving skills
• Experience in a leadership role overseeing security architecture or engineering teams
• Experience in highly regulated industries (e.g., aviation, financial services, healthcare, or government)
• Advanced degree (MBA, MS in Cybersecurity, Information Systems, or related field) preferred
• Professional certifications such as CISSP, CCSP, SABSA, or TOGAF
• Experience with cloud security architecture, DevSecOps, and modern application development practices
• Utilizes broad and deep knowledge to develop innovative new business practices, policies and procedures
• Contributes to the development of department strategy
• Works on or may lead highly complex projects of large scope
• Projects are typically cross-functional and have significant and long-term impact
• Provides solutions which set precedent
• Negotiates complex or risky technical business issues on behalf of the company
• Independently defines project establishes budgets identifies participants and mitigates risk
• Consults with management to determine project objectives with long-term implications
• Acts as a mentor to less experienced colleagues

Nice To Haves

• focus on enterprise architecture and solution design preferred
• Advanced degree (MBA, MS in Cybersecurity, Information Systems, or related field) preferred

Responsibilities

• Develop and lead the enterprise security architecture strategy aligned with cybersecurity, risk management, and business objectives
• Establish governance frameworks and processes to guide secure design, technology selection, and solution deployment across the organization
• Collaborate with cybersecurity leadership, enterprise architecture, and technology teams to define target-state architecture and long-term roadmap
• Serve as an advisor to leadership on security architecture priorities, risks, and investment decisions
• Develop, maintain, and enforce enterprise security architecture standards, including design principles, control requirements, and implementation guidelines
• Ensure standards are aligned with regulatory requirements, industry frameworks, and organizational risk tolerance
• Establish governance processes for adoption and enforcement of architecture standards across global cybersecurity and technology teams
• Continuously update and refine standards to address emerging threats, technologies, and business needs
• Oversee architecture review processes to evaluate solutions and system designs against security standards, risk requirements, and enterprise architecture
• Ensure security risks are identified, documented, and addressed prior to implementation
• Provide approval and validation of security architecture decisions, including exception handling and risk acceptance processes
• Drive consistency and quality in architecture review practices across teams
• Provide proactive security guidance and risk-informed recommendations during solution design and development
• Partner with application, engineering, and commercial technology teams to embed security requirements early in the development lifecycle
• Support security-by-design reviews, pre-implementation assessments, and architecture decision-making for new initiatives and technologies
• Act as a technical liaison to translate security requirements and risks for both technical and non-technical stakeholders
• Assess, rationalize, and optimize the cybersecurity tooling landscape to reduce complexity, eliminate redundancies, and improve capability coverage
• Ensure tooling aligns with enterprise security architecture and supports effective risk management and operational capabilities
• Partner with engineering and infrastructure teams to integrate tools into the broader cybersecurity ecosystem
• Drive continuous improvement of tooling strategy to support scalability, efficiency, and innovation
• Define and support reference architectures, design patterns, and reusable security solutions to enable secure system development
• Oversee and guide the implementation of security controls within applications, infrastructure, and platforms
• Support teams in designing secure solutions that balance security, performance, scalability, and usability
• Promote adoption of secure-by-design principles across development and engineering teams
• Assess current and target security capabilities, mapping them to business priorities and risk requirements
• Develop and maintain a phased roadmap to guide strategic security architecture investments and capability maturity
• Align architecture initiatives with enterprise transformation efforts and emerging technology trends
• Provide visibility into capability gaps and investment priorities to support strategic planning
• Collaborate with enterprise architecture, IT, engineering, risk, and compliance teams to ensure alignment of security architecture with enterprise initiatives
• Partner with BISOs and business stakeholders to integrate security into business and technology strategies
• Provide guidance and support for cybersecurity requirements in projects, ensuring alignment with architecture standards
• Drive consistent communication and alignment across global cybersecurity and technology teams
• Build and lead a high-performing security architecture team with expertise across domains such as cloud, application, infrastructure, and data security
• Develop team capabilities through coaching, training, and structured career development initiatives
• Foster a culture of technical excellence, innovation, and continuous improvement
• Ensure alignment of team capabilities with evolving cybersecurity and business needs

Benefits

• Medical, dental and vision coverage
• Paid time off plan
• Health savings account (HSA)
• 401k savings plan
• Access to wages before pay day with myFlexPay
• Flexible spending accounts (FSAs)
• Short- and long-term disability coverage
• Work-Life resources
• Paid parental leave
• Healthy lifestyle programs