Security Architect

About The Position

Requirements

• Experience: 7+ years of experience in Information Security with deep hands-on expertise in network Architecture.
• Education & Certifications: Master’s degree in Cybersecurity required.
• GCP & AI Depth: Deep experience securing Google Cloud Platform, including specific experience with Vertex AI services and BigQuery analytics controls.
• Core Security Stack: Proven ability to manage and tune Cloudflare (WAF/Zero Trust) and CrowdStrike Falcon (EDR/XDR).
• Technical & Automation Fluency: Expert proficiency in Python for building custom automation APIs and Workato for orchestration. Working knowledge of HCL for Terraform code review, JavaScript/TypeScript for Cloudflare Workers, SQL for BigQuery analysis, and RegEx for custom WAF rule creation.
• Kubernetes Mastery: Strong understanding of Kubernetes (GKE) security, including node pools, network policies, and securing Helm deployments.
• Compliance: Solid understanding of risk assessment methodologies (NIST RMF) and mandatory compliance frameworks (SOC2, HITRUST, PCI DSS).

Nice To Haves

• GCP Professional Cloud Security Engineer certification is highly preferred.

Responsibilities

• Cloudflare & Edge Defense: Own the strategy and execution for the Cloudflare ecosystem to secure the network edge. This includes architecting WAF rules (using RegEx), DDoS protection, Bot Management, and writing custom edge logic using Cloudflare Workers (JS/TS).
• GCP Security Architecture: Lead the design of security controls within Google Cloud Platform, specifically for Vertex AI, BigQuery, VPC Service Controls, IAM, and Security Command Center.
• Kubernetes & Container Security: Architect and verify security for GKE environments, including container hardening, securing Helm charts, and implementing runtime security policies.
• DevSecOps & Automation: Embed security into CI/CD pipelines (Cloud Build, GitHub Actions) using Infrastructure as Code (Terraform). Orchestrate security workflows using Workato, building custom Python API endpoints to expose internal security logic to the platform.
• Threat Modeling & Risk: Lead threat modeling for critical applications and feature releases, proactively identifying design-level flaws before deployment.
• Mentorship & Culture: Be a role model for security best practices; mentor engineers on secure coding standards and up-level the organization’s understanding of cloud security.
• Incident Response: Lead the technical response to complex security incidents, using SQL/KQL to query logs and forensics data to ensure rapid recovery and root cause elimination.
• Governance: Conduct regular risk assessments to identify control gaps and ensure technical alignment with SOC2, HITRUST, and PCI DSS requirements.

Benefits

• United States: In addition to our healthcare benefits, we also offer amazing perks! Need work from home basics? We offer a discount through Dell! We also offer a number of resources to help you keep your mind and body healthy. Check out Gympass for a great workout, or TelusEmployee Assistance Program to find mental health resources, along with other resources for everyday occurrences.
• Costa Rica: To assist with all of life’s needs, Tebra also offers a wellness and childcare subsidy and a University/Education discount! We also offer a number of resources to help you keep your mind and body healthy. Check out Gympass for access to health and fitness apps, or Telus Employee Assistance Program to find mental health resources, along with other resources for everyday occurrences.