Title: Security Architect
Location: [City, State or Remote/Hybrid Onsite]
Employment Type: [Full-time | Contract | Contract-to-Hire]
Clearance: [If applicable]
Travel: [e.g., ~10%]
Reports To: [CISO / Director of Security / Head of Infrastructure]

Role Summary

We are seeking a Mid-Senior Security Architect to design and evolve enterprise security architecture across on‑prem and cloud environments (AWS/Azure). This role will own high-level security frameworks and reference architectures, partner closely with SOC/IR/engineering teams to strengthen detection and response, and drive secure-by-design patterns across infrastructure, applications, and endpoints. The ideal candidate blends deep technical breadth with the leadership and communication skills to influence senior stakeholders and guide engineering teams.

Core Responsibilities

Architecture & Strategy

• Create and maintain security reference architectures, blueprints, and roadmaps for network, endpoint, identity, cloud (AWS/Azure), and data protection.
• Define and govern security standards, patterns, and guardrails (e.g., network segmentation, zero trust, bastion patterns, key vaulting, least privilege).
• Lead architecture reviews and threat modeling for new platforms, services, and integrations; ensure secure-by-design principles.
• Partner with Infrastructure, Cloud, and App Engineering to translate business goals into resilient security architecture and control objectives.

Security Operations (Defense & Detection)

• Collaborate with the SOC to mature alerting, correlation, and detection engineering (SIEM/SOAR, EDR, cloud-native telemetry).
• Work with Threat Hunters to refine hypotheses, prioritize visibility gaps, and improve log coverage and detections.
• Guide Malware Analysis inputs into control tuning, sandboxing, and endpoint hardening strategies.

Incident Response

• Serve as a technical lead during security incidents, advising on containment, eradication, and recovery playbooks.
• Conduct post-incident reviews

Testing & Offensive Security

• Partner with Penetration Testing teams to scope tests and translate findings into architectural fixes and prioritized backlog items.
• Oversee Vulnerability Management governance; align with Endpoint Security Engineers and domain SMEs to ensure timely patching and compensating controls.

Governance, Risk & Compliance

• Map controls to relevant frameworks and regulations (e.g., NIST CSF/800-53, ISO 27001, CIS Benchmarks, PCI-DSS, SOC 2).
• Contribute to policy development, exception management, and control attestation; support audits and assessments.

Key Skills & Qualifications

Must-Have

• 10+ years in Information Security with hands-on security engineering/analysis and 3-5+ years in security architecture roles.
• Strong knowledge of network protocols, firewalls, proxies, VPNs, segmentation, and zero trust concepts.
• Expertise across operating systems (Linux/Windows), identity & access (AD/Azure AD, SSO, MFA, PAM), and endpoint security (EDR, hardening).
• Cloud security depth in AWS and/or Azure: IAM, network controls (Security Groups/NSGs), KMS/Key Vault, logging/monitoring, container security, IaaS/PaaS security patterns.
• Experience collaborating with SOC/IR, threat hunting, and vulnerability management teams.
• Soft skills: excellent communication, influence, and stakeholder leadership

Certifications (Preferred)

• CISSP, CISM, CCSP, or relevant cloud/security vendor certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200, SANS/GIAC).

Tools & Technologies (Nice-to-Have)

• SIEM/SOAR (e.g., Splunk, Sentinel), EDR/XDR (e.g., CrowdStrike, Defender), WAF/IDS/IPS, CASB, SASE/ZTNA.
• Cloud security tools (e.g., Prisma, Wiz, Defender for Cloud), IaC (Terraform), container security (EKS/AKS, admission controllers).
• Secrets management & KMS, PKI, DLP, Data Security Posture tools.