Security Architect

About The Position

Requirements

• Required: Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent work experience.
• 8-10 years of related work experience
• Experience in security architecture, engineering, or related security disciplines.
• Ability to help drive security strategy alignment
• Ability to innovate and instigate change to manage organizational security architecture through threat assessment, management and standards implementation
• Ability to be the senior specialist responsible for a strategic security architecture that focuses on organizational risk management, technical security architecture and data governance.
• Ability to report on security risks and assume the role of champion for security architecture strategy
• Ability to effectively collaborate across teams and develop a sphere of influence.

Nice To Haves

• Preferred: Master's degree in Computer Science, Information Security, or related field; or equivalent work experience.
• Strong knowledge of security frameworks (e.g., NIST CSF, AWS FSBP, TOGAF)
• Certifications: Professional certifications such as CISSP, CISM, CCSP, or equivalent.

Responsibilities

• Design and oversee enterprise security architecture: Lead the development and enforcement of security principles, best practices, and frameworks across business systems, cloud services, and infrastructure. Ensure alignment with regulatory, compliance, and organizational requirements.
• Data security leadership and implementation: Lead initiatives for data classification, encryption, tokenization, and access governance. Advise on secure design and handling of sensitive information across enterprise, including analytics platforms and integrations. Ability to map security requirements to the data lifecycle
• Hands-on cloud security engineering: Implement cloud-native security controls and harden configurations in AWS, Azure, and third-party SaaS platforms. Deploy automated guardrails, security tooling, infrastructure as code, and logging/monitoring pipelines. Conduct hands-on testing, validation, and tuning of cloud security services (CSPM, CIEM, CWPP, etc.).
• Threat modeling, risk assessment, and control validation: Conduct threat modeling to identify potential risks across systems and cloud environments. Assess risks, vulnerabilities, and controls; recommend remediation strategies for enterprise and cloud environments.
• Policy, standard, and framework development: Convert best practices into formal security policies, standards, and guidance documents. Ensure policies support both operational needs and compliance requirements. Cross-functional collaboration with Data Governance & Privacy In support of data and records retention policies, knowledge of retention schedules and defensible deletion practices. Understanding of secure archival and approved destruction methods.
• Risk Register: Maintain and oversee the security risk register, ensuring risks are continuously reviewed for priority, accurately documented, assessed, and updated.
• Strategic advisory and collaboration: Act as a trusted advisor to IT leadership, providing guidance that balances security, compliance, and operational priorities Understand business problems or opportunities and recommend value-add security solutions. Understanding of data-sharing agreements and secure data exchange protocols.

Benefits

• Remote Work – Fully remote work available for most positions
• Retirement Savings – Generous 403(b) employer contributions and financial wellness resources, including professional financial advising.
• Health & Wellness Perks – Fitness and bicycle subsidies, on-site and virtual wellness programs (live yoga, meditation, mental health webinars, flu shot clinics, and more)
• Support & Family Care – Employer paid Employee Assistance Program (EAP) and back-up care options for children, adults, elders, and even pets