Security Architect

About The Position

Requirements

• Four years of college resulting in a bachelor’s degree or equivalent experience.
• 5+ years of senior-level Information Security experience focused on Security Architecture, Cloud Security, Security Engineering, or Risk Management
• Hands-on experience with cloud architectures, AI-enabled systems, modern application stacks, and security technologies.
• Strong analytical skills, attention to detail, and excellent communication skills.
• Deep understanding of cloud architectures, application and web architectures, database and network security architecture.
• Knowledge of NIST 800-53 Framework, NIST AI RMF, regulatory compliance regulations - PCI-DSS, Sarbanes-Oxley, and awareness of industry standards and best practices.
• Working knowledge of modern security solutions, tooling, and architectural patterns.

Nice To Haves

• One of more of the following certifications (or equivalent): ISC2 CISSP, CISM, CCSP
• Advanced GIAC/SANS certifications - GCIH, GCIA, GCFE, GCFA, GREM, GWAPT, GPEN, GSE
• Microsoft AZ-500, AI-900, AI-102, SC-900, AZ-900

Responsibilities

• Develop, implement, and maintain multilayered information security architectures, policies, and standards for cloud, AI, and modern application environments.
• Ensure security architecture aligns with industry best practices, regulatory expectations, and CBTS strategic objectives.
• Continuously evaluate and strengthen existing security frameworks to adapt to evolving threats and technologies.
• Assess and integrate new security technologies, with a focus on cloud-native security, automation, AI-driven security controls, and emerging innovations.
• Conduct security risk assessments, architecture reviews, and vulnerability assessments across cloud and application environments
• Support Red Team and threat modeling initiatives to identify and address architectural weaknesses.
• Analyze emerging threat trends adapting our security strategies accordingly.
• Partner with business units, product teams, and engineering groups to embed security throughout the development and delivery lifecycle
• Advocate for secure design principles and guide teams in adopting architectures that meet both security and business requirements
• Collaborate with vendors to evaluate cloud, AI, and infrastructure enhancements, ensuring alignment with security expectations.
• Ensure architectural decisions support compliance with relevant regulatory and industry standards such as NIST 800‑53, DISA STIGs, PCI‑DSS, SOX, and others.
• Maintain awareness of evolving compliance obligations and incorporate them into architectural patterns and controls.