What you'd actually do

Lead cybersecurity strategy for AI-enabled products and drive adoption of new technical methods, including leading proof-of-concept initiatives for emerging technologies

Design, develop, and troubleshoot creative security solutions, producing secure, high-quality production code and reviewing code written by others

Architect complex, scalable, and reusable cybersecurity frameworks for cloud and on-premises environments, driving standardization and consistency across the organization

Continuously evolve security protocols by assessing current controls, identifying gaps, and implementing improvements aligned with industry standards and governmental regulations

Implement and manage IAM protocols (RBAC, OAuth2.0, SCIM, WebAuthN, OPA, PBAC) and apply advanced security principles including encryption, data security, and risk management

Skills

Required

Formal training or certification in software engineering/architecture with applied experience in system design, application development, and operational stability
Advanced proficiency in one or more languages: Java, Python, C/C++, Node, or Golang
Experience planning, designing, and implementing enterprise-level security solutions with fluent understanding of SDLC and agile methodologies (CI/CD, Application Resiliency)
Practical cybersecurity experience in one or more disciplines: AI/ML, Application Development, Cloud, Infrastructure, Mobile, Offensive Security, or Vulnerability Management
Extensive cloud-native experience (AWS, Azure, GCP) including Kubernetes, Lambda, ECS, S3, Aurora, API Gateway, and DevOps practices
Experience in security assessment, threat modeling, and secure design for cloud-native applications, including A2A security, certificate management, API security, and service mesh architectures
Expertise in IAM principles (RBAC, OAuth2.0, SCIM, WebAuthN, OPA, PBAC) with deep understanding of encryption, data security, and risk management
Experience with CIS Security baselines, configuration drift remediation, and hands-on security architecture
Proven experience building scalable microservices, enterprise-grade APIs, and high-availability database architectures (SQL, data modeling), with knowledge of streaming technologies (Kafka, RabbitMQ)
Ability to evaluate current and emerging technologies to recommend best solutions for future state architecture
Strong cross-functional influence, technical thought leadership, and ability to communicate complex concepts to senior executives

Nice to have

Experience with threat modeling methodologies such as STRIDE, MITRE ATT&CK, VAST, DREAD, IriusRisk, and PASTA
Experience with web, API, and microservices technologies including Web Applications, Web Services, and Service Oriented Architectures. Experience with Infrastructure as Code (IaC) utilizing tools such as Terraform
Experience with cloud security platforms such as AWS, Azure, and Google Cloud. Familiarity with security frameworks such as NIST, ISO 27001, and SOC 2
Proficiency in MCP and its application on how it can be used to secure agentic systems
Experience with Vendor Product Management, Services, and Tooling
Experience leading cross-functional security projects with strong communication and stakeholder management skills
Strategic thinker with a proactive approach to problem-solving, strong organizational and project management skills, and a commitment to continuous learning and professional development
Professional certifications such as CISSP, CISM, or CCSP Nicole_JD.docx. AWS certifications including Practitioner, Cloud Engineer, Software Development Engineer, Cloud Security Engineer, Cloud Security Architect, and Application Architect. Offensive Security certifications including OSCP, OSWP, OSCE, OSEE, OSWE, OSEP, and CEH

As a Cybersecurity Architect, you play a pivotal role in shaping secure solutions for software applications and platform products, driving meaningful business impact through deep technical expertise and innovative problem-solving. You will leverage advanced architecture capabilities to identify, communicate, and mitigate risk while collaborating across the organization to drive best-in-class outcomes , and lead the creation of AI-enabled cybersecurity solutions and reusable frameworks at the forefront of industry best practices.

Job Responsibilities

Design, develop, and troubleshoot creative security solutions, producing secure, high-quality production code and reviewing code written by others
Architect complex, scalable, and reusable cybersecurity frameworks for cloud and on-premises environments, driving standardization and consistency across the organization
Continuously evolve security protocols by assessing current controls, identifying gaps, and implementing improvements aligned with industry standards and governmental regulations
Implement and manage IAM protocols (RBAC, OAuth2.0, SCIM, WebAuthN, OPA, PBAC) and apply advanced security principles including encryption, data security, and risk management
Lead cybersecurity strategy for AI-enabled products and drive adoption of new technical methods, including leading proof-of-concept initiatives for emerging technologies
Translate complex technical issues to leadership, enabling strategic decisions about target state architecture
Serve as a subject matter expert, providing technical guidance to stakeholders, business leaders, technical teams, contractors, and vendors
Mentor engineering teams, advocate for firmwide SDLC best practices, and champion a culture of diversity, inclusion, and continuous learning

Required Qualifications, Capabilities, and Skills

Formal training or certification in software engineering/architecture with applied experience in system design, application development, and operational stability
Advanced proficiency in one or more languages: Java, Python, C/C++, Node, or Golang
Experience planning, designing, and implementing enterprise-level security solutions with fluent understanding of SDLC and agile methodologies (CI/CD, Application Resiliency)
Practical cybersecurity experience in one or more disciplines: AI/ML, Application Development, Cloud, Infrastructure, Mobile, Offensive Security, or Vulnerability Management
Extensive cloud-native experience (AWS, Azure, GCP) including Kubernetes, Lambda, ECS, S3, Aurora, API Gateway, and DevOps practices
Experience in security assessment, threat modeling, and secure design for cloud-native applications, including A2A security, certificate management, API security, and service mesh architectures
Expertise in IAM principles (RBAC, OAuth2.0, SCIM, WebAuthN, OPA, PBAC) with deep understanding of encryption, data security, and risk management
Experience with CIS Security baselines, configuration drift remediation, and hands-on security architecture
Proven experience building scalable microservices, enterprise-grade APIs, and high-availability database architectures (SQL, data modeling), with knowledge of streaming technologies (Kafka, RabbitMQ)
Ability to evaluate current and emerging technologies to recommend best solutions for future state architecture
Strong cross-functional influence, technical thought leadership, and ability to communicate complex concepts to senior executives

Preferred Qualifications, Capabilities, and Skills

Experience with threat modeling methodologies such as STRIDE, MITRE ATT&CK, VAST, DREAD, IriusRisk, and PASTA
Experience with web, API, and microservices technologies including Web Applications, Web Services, and Service Oriented Architectures. Experience with Infrastructure as Code (IaC) utilizing tools such as Terraform
Experience with cloud security platforms such as AWS, Azure, and Google Cloud. Familiarity with security frameworks such as NIST, ISO 27001, and SOC 2
Proficiency in MCP and its application on how it can be used to secure agentic systems
Experience with Vendor Product Management, Services, and Tooling
Experience leading cross-functional security projects with strong communication and stakeholder management skills
Strategic thinker with a proactive approach to problem-solving, strong organizational and project management skills, and a commitment to continuous learning and professional development
Professional certifications such as CISSP, CISM, or CCSP Nicole_JD.docx. AWS certifications including Practitioner, Cloud Engineer, Software Development Engineer, Cloud Security Engineer, Cloud Security Architect, and Application Architect. Offensive Security certifications including OSCP, OSWP, OSCE, OSEE, OSWE, OSEP, and CEH