Architect, design, and implement proactive, defense-in-depth security solutions aligned with zero trust principles and industry best practices across on-premises, cloud, and hybrid environments.
Collaborate closely with the Security team and Enterprise Technology leadership to align security architecture with business objectives, technical infrastructure, and organizational risk tolerance.
Lead enterprise-wide deployment, integration, and optimization of the Microsoft Defender Suite (Defender for Endpoint, Cloud, Identity, Office 365) and complementary security platforms for comprehensive threat detection and response.
Design and oversee identity and access management (IAM) strategies, including Azure AD, conditional access, privileged access management (PAM), and privileged password vaulting solutions.
Architect network security and application protection solutions including secure segmentation, zero trust network access, load balancing, web application firewalls, and secure remote access frameworks.
Design vulnerability management, network detection and response (NDR), and secure access service edge (SASE) architectures to provide end-to-end security visibility and threat prevention.
Conduct threat modeling, security assessments, and architecture reviews to identify risks and implement strategic security enhancements across legacy and modern systems.
Serve as a change agent, driving security culture transformation and adoption of security best practices through mentoring, training, presentations, and executive communication.
Provide strategic security governance guidance aligned with compliance frameworks and risk tolerance; present complex technical concepts to all organizational levels.
Drive innovation by evaluating and implementing emerging security technologies, methodologies, and threat intelligence.
Requirements
Minimum of 3 years architecting enterprise security solutions, with deep expertise in proactive threat prevention and zero trust architecture.
Advanced proficiency with Microsoft Defender Suite (Defender for Endpoint, Cloud, Identity, Office 365); SC-100/SC-200/SC-300 or equivalent certification, held or in progress.
Strong hands-on experience architecting identity and access management (IAM), including cloud directory services, conditional access policies, privileged access management (PAM), and privileged credential management platforms.
Proven expertise designing network security architectures: zero trust segmentation, load balancing, web application firewalls, SASE platforms, and secure remote access solutions.
Demonstrated proficiency with vulnerability management platforms, network detection and response (NDR) tools, and security information and event management (SIEM) solutions.
Bachelor's degree in Cybersecurity, IT, Computer Science, or equivalent professional experience.
CISSP or equivalent advanced certification is a strong benefit.
Strong understanding of threat modeling, security architecture frameworks (NIST, ISO 27001), and compliance requirements relevant to financial services (SOC 2, PCI-DSS).