Lead Security Architect

Key Responsibilities:

• Lead enterprise security strategy and architecture across cloud, on-premises, and hybrid environments.
• Develop and execute the security architecture roadmap aligned with organizational goals.
• Create and maintain security documentation, standards, patterns, and reference architectures, ensuring alignment with frameworks (NIST, OWASP, ISO, CIS).
• Drive secure-by-design initiatives and develop security standards.
• Define, track, and report security metrics to demonstrate security maturity, program effectiveness, and compliance with standards.
• Design and oversee implementation of security architecture topologies for systems and enterprise enablement.
• Drive DevSecOps adoption and secure CI/CD integration, advancing automation and resilient delivery with container security (Kubernetes, Docker), IaC and PaC (Terraform, ARM, Bicep, Azure Policy).
• Apply strong business acumen to align security initiatives with organizational goals, and demonstrate experience working in agile environments to support rapid and flexible solution delivery.
• Lead threat modeling, risk assessments, and incident response planning for Azure and hybrid systems.
• Provide expert guidance on identity and access management (IAM), network segmentation, encryption, and cloud security.
• Evaluate, recommend, and select security products and vendors, ensuring solutions align with enterprise architecture standards and business requirements.
• Build and maintain strong relationships with technology teams, suppliers, and business units.
• Mentor architects and engineers; foster a secure-by-design culture.
• Deliver security awareness training and guidance to business and IT teams.
• Stay current with emerging threats, technologies, and regulatory changes; recommend innovative solutions.

Required Skills & Expertise:

• Bachelor’s degree in computer science, information systems, or related field (or 5+ years relevant experience).
• At least 2+ years in a senior or lead security architecture role.
• Proven expertise in Azure security and compliance, hybrid cloud security, and enterprise security architecture.
• Experience with strategic planning, enterprise architecture, and IT portfolio management.
• Strong understanding of compliance requirements and regulatory frameworks.
• Hands-on experience with Azure security tools (Sentinel, Defender, Key Vault, Entra ID, Azure Firewall, Policy/Blueprints), monitoring, automation, and compliance reporting.
• Experience with DevSecOps and automating security controls in Azure.
• Familiarity with IAM, PKI, SSO, MFA, and secure API integration.
• Excellent communication and leadership skills; ability to influence stakeholders.
• Experience working in agile environments.

Preferred Qualifications:

• Advanced knowledge of zero-trust architecture, secure cloud migration, and container security.
• Understanding of AI/ML security concepts.
• Familiarity with SOAR platforms and advanced threat detection tools.
• Ability to design and implement multi-cloud security (AWS, Azure, GCP).
• Proficiency in risk modeling, attack surface reduction, and threat modeling techniques.
• Relevant security certifications, such as: Azure Security Specialty, Cybersecurity Architect Expert, CISSP, CISM, CCSP, CEH, CIDSP, SANS, Security+, TOGAF, SASBA, etc.