Security Architect - Remote US

About The Position

Requirements

• Bachelor’s degree in a technical field from an accredited college/university, or equivalent job experience.
• Minimum of 6+ years of industry and/or relevant experience, typically with 1+ years in a Senior Associate level role or external equivalent.
• Experience in cybersecurity, cloud security, or security engineering, including demonstrated experience operating at a senior or lead level.
• Hands-on experience securing AWS and/or Azure environments.
• Working knowledge of CNAPP/CSPM platforms
• Experience with vulnerability scanning, remediation tracking, and patch management processes
• Familiarity with application security principles (SAST, DAST, secure SDLC, threat modeling)
• Experience with IAM, PAM, and access governance concepts
• Exposure to SIEM and security monitoring integration
• Knowledge of Zero Trust architecture principles
• Understanding of network segmentation, VPN, Conditional Access, and cloud networking fundamentals
• Proficiency in scripting and automation (e.g., Python, PowerShell, Terraform)
• Familiarity with container security technologies (Docker, Kubernetes) and infrastructure as code (IaC) tooling
• Knowledge of encryption and key management practices.
• Strong communication skills and ability to work with both technical and non-technical stakeholders.
• Highly motivated self-starter that can manage multiple deliverables independently in a fast-paced environment

Nice To Haves

• Relevant certifications such as CISSP, CEH, GIAC, ISSAP or other relevant security-focused certifications preferred.

Responsibilities

• Support the implementation of secure architecture patterns across AWS and Microsoft Azure environments
• Support deployment and operationalization of CNAPP/CSPM platform
• Drive cloud security posture improvements by integrating CNAPP with Cloud-native tools (e.g., GuardDuty, Security Hub, IAM, KMS, CloudTrail) and Azure security capabilities
• Partner with Security Operations to automate and integrate with MSSP and SOAR autmation response principles
• Partner with engineering and development teams to embed application security (AppSec) controls into development and deployment pipelines
• Lead and support vulnerability management and patching programs across infrastructure and applications
• Contribute to security architecture reviews, threat modeling, and design validation
• Support implementation and optimization of IAM, PAM, and least-privilege access models
• Collaborate with SecOps team to integrate telemetry into SIEM platforms for monitoring and detection
• Support in the development and maintainance of secure configuration baselines and reference architectures
• Help drive patching strategy for servers, endpoints, and cloud workloads
• Conduct architecture reviews and document security requirements
• Partner directly with engineering leaders to bake security into product roadmaps.
• Stay up-to-date with the latest security trends, threats, and technologies to continuously improve our security posture.
• Help drive a culture of zero trust security across engineering, development, and product teams.

Benefits

• SitusAMC offers PTO and paid holidays, the terms of which are set forth in the program policies.
• All full time employees also are eligible to participate in various benefit plans, including medical, dental, vision, life, disability insurance and 401K; in each case in accordance with the terms of the applicable plans.