Cybersecurity Architect

About The Position

Requirements

• Bachelor's degree: Computer Science, Cybersecurity, Information technology, Network Engineering, or a closely related field.
• 8-10+ years in InfoSec or Information Technology with a significant portion in cybersecurity.
• All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
• CISSP, CISM, CCSP, CEH, or similar with a Cybersecurity emphasis

Nice To Haves

• Hands-on expertise managing security infrastructure: firewalls, IPS, WAFs, endpoint protection, SIEM, and log management.
• Proven track record building enterprise AI security frameworks and controls for generative AI, LLMs, federated learning, and AI supply chain risks
• Direct experience securing applications and infrastructure in public clouds (AWS, Azure).
• Practical design and implementation of IAM technologies and services
• Excellent communication skills: able to translate complex security topics into clear business language; strong verbal/written presentation to stakeholders.

Responsibilities

• Develops and maintains a comprehensive security architecture strategy, including plans, roadmaps, processes, and artifacts (e.g., models, standards, templates) that translate business objectives, technology needs, and threat landscapes into actionable, aligned security solutions for cloud, on-premise, and hybrid environments.
• Monitors emerging digital business changes and threat developments; updates security strategies, architectures, and reference designs accordingly; validates IT infrastructure, configurations, and tools (e.g., firewalls, IPS, WAF, endpoint protection) against best practices; recommends enhancements to mitigate risks.
• Collaborates with stakeholders—including enterprise architects, system owners, security engineers, vendors, operational teams, and the CISO—to assess and integrate security controls (system-specific, hybrid, common); evaluates third-party SOWs, audit reports, and provider controls; coordinates security for OT/IoT systems; serves as primary liaison for control allocation and assurance.
• Establishes baseline security configuration standards for operating systems, network segmentation, least-privilege access, and identity and access management (IAM); reviews and validates network segmentation designs.
• Defines and maintains standards and procedures for data encryption, tokenization, and protection of sensitive data, aligned with organizational data classification; collaborates with privacy teams to map data flows and recommend appropriate controls.
• Drafts, documents, and maintains security policies, standards, procedures, and architecture artifacts; submits for executive/CISO review and approval; ensures integration throughout the acquisition lifecycle and system development.
• Conducts threat modeling for applications, services, and systems based on associated risks and data sensitivity; identifies architecture gaps, performs security reviews, and develops risk management plans to address vulnerabilities.
• Stays current on emerging security technologies, threats, trends, and best practices; evaluates new tools, services, and vendors; provides recommendations to the security team based on security, cost, and operational considerations.
• Collaborates with DevOps, development, and project teams to promote secure coding practices, participate in application/infrastructure projects, advise on security planning, and escalate issues to the CISO.
• Supports security testing, validation, and internal audits of controls; liaises with internal audit, vendor management, and other security practitioners to assess vendor risks, review SOWs/audits, and share best practices.
• Analyzes the security impact of new systems, interfaces, or changes on the existing environment; recommends enhancements to maintain or improve overall security posture.
• Supervises work of others. Responsible for hiring, discipline, and pay administration of their subordinates.

Benefits

• We offer competitive compensation; 401K match and benefits that start day one.
• Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
• To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
• A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union.
• Professionals may also be eligible for a performance-based bonus program.
• As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.