Security Architect & Operations Lead

About The Position

Requirements

• Bachelor's degree in computer science or related/applicable field(s) is preferred, but not required
• 7+ years of progressive InfoSec experience, including 3+ years in a leadership or management role
• At least one relevant security certification (e.g., CISSP, CISM, or equivalent)
• Strong knowledge of security frameworks such as NIST and ISO 27000 series
• Proven success designing, implementing, or overseeing enterprise-scale security solutions
• Proven experience implementing enterprise security solutions: IAM, SIEM, WAF, CASB, CSPM, CWPP
• Deep expertise in securing cloud architectures (IaaS, PaaS, SaaS)
• Experience developing Zero Trust Architecture and SASE design principles
• Strong background in designing and validating security architectures for cloud and on-prem environments
• Ability to lead PoCs, evaluate emerging technologies, and manage security upgrades, decommissions, and modernization roadmaps
• Demonstrated success building reference architectures, standards, and roadmaps
• Skilled in collaborating with architects/engineers to embed security into solution design
• Experience with cloud orchestration, automation, and security configuration management is a plus
• Experience managing cross-functional projects and delivering measurable risk reduction
• Deep experience with Microsoft Administration and Security Platforms, including Microsoft Entra/Active Directory, PowerShell, Defender, Sentinel, Purview, and Graph, in an environment supporting 600+ users and 200+ servers
• The ability to travel as required (<10%)

Responsibilities

• Develop, communicate, and execute security strategies for Cybersecurity defense, protection, detection, response, and recovery
• Design, build, deploy and/or operate security solutions to help scale the security program and assist with buildout and management of an overall Security Roadmap
• Build strong stakeholder partnerships across technical and non-technical teams
• Serve as a key security liaison and SME consultant, embedding secure design principles, control framework practices into cross-functional initiatives, projects, and enterprise transformations.
• Develop and maintain security reference architectures, standards, and roadmaps for infrastructure, applications, cloud, and enterprise systems.
• Ensure alignment with enterprise identity strategies and access control frameworks to support secure, scalable, and compliant solutions.
• Assess potential risks with existing and new infrastructure, applications, products and processes, and ensure security is appropriately considered and integrated
• Perform structured security risk assessments/tests to identify, prioritize, and provide recommendations or solutions for issues found
• Provide security requirements and recommend secure practices, threat modeling, and integration of security tools (e.g., SAST, DAST, SIEM) into development pipelines and cloud environments
• Maintain deep knowledge of security principles, frameworks (NIST and regulatory landscapes (PCI, SOX, SOC2).
• Research and understand emerging information security threats and their impact on the business environment
• Recommend new information security systems and controls to mitigate emerging threats and risks across the company
• Automate security controls using tools and scripting, where possible
• Ensure foundational security technologies and controls are in place and drive continuous improvement, including identity and access management, endpoint protection, vulnerability management, application security, cloud, data protection, logging and monitoring, and incident response
• Support and drive utilization of Security monitoring and alerting solutions and key managed security services partners
• Manage relationships with third-party security vendors and improve current security technologies
• Maintain technical documentation for solutions and standard operating procedures such that services are delivered in an efficient and effective manner
• Support and maintenance of IT security components and working to ensure conformity to the standards of operation for the Information Technology Department.
• Key escalation for incidents and Incident Triage Team Lead backup. This may require response to and coordination of incidents occurring during evening hours and on weekends. Efforts should include follow-up activities to prevent recurrence of incident using NIST CSF Incident Response practices
• Develop, test, and execute Information Security policy requirements and procedures, including incident response plans, playbooks, and SOP
• Assist with data security, and disaster recovery plans
• Continually look to improve and refine the Security and infrastructure services delivered to the business, globally
• Help define and meet SLA requirements and best practices for security components and services
• Contribute deep technical skills, and industry experience and best practices to the rest of the team, driving change
• Maintain knowledge of emerging technology
• Technical Lead/Supervisor for high-performing security team, participating in hiring, training, performance management, and career development while developing and tracking metrics to measure security posture and report progress to leadership.
• Communicate effectively, verbally and in writing with people at all organizational levels
• Work in a team environment making positive contributions to the organization
• Establish and maintain effective relationships with staff members, customers, and vendors
• Other duties as assigned or required

Benefits

• Our benefit package supports the well-being of our employees and their families. Our comprehensive benefit package includes, medical, dental, 401K match, paid time off (including volunteer time as well as parental leave) and so much more!