Lead Cybersecurity Architect

Cybersecurity Architecture Lead

Role Overview

The Cybersecurity Architecture Lead provides strategic and hands-on security expertise to technology and product teams, ensuring that systems are designed and built with security embedded from the outset. This role works across cloud and enterprise platforms to guide secure architecture decisions, reduce risk, and promote consistent security design patterns throughout the organization.

The ideal candidate brings a strong technical foundation in modern infrastructure, the ability to influence cross-functional teams, and the skill to translate security principles into scalable, real-world solutions.

Key Responsibilities

• Serve as a trusted security advisor to engineering and product teams, embedding security considerations into system and application design.
• Guide teams on secure architecture patterns and support implementation of technical security controls.
• Conduct architectural risk assessments and threat modeling for enterprise platforms and customer-facing solutions.
• Provide security architecture input across large initiatives, platforms, and solution domains.
• Collaborate with other security leaders to maintain consistency across policies, standards, and architectural approaches.
• Act as the primary security point of contact for assigned technology and engineering groups.
• Review existing architectures to identify gaps, weaknesses, and opportunities for security improvement.
• Participate in incident response activities and lead architectural remediation planning following security events.
• Promote security awareness by coaching architects and engineers on secure design principles and evolving industry practices.
• Partner with governance, legal, and compliance stakeholders to ensure solutions align with regulatory, contractual, and internal requirements.

Required Qualifications

• Bachelor’s degree in a relevant discipline with 6 years of professional experience, or an equivalent combination such as:
• Master’s degree with 4 years of experience
• Doctorate with 1 year of experience
• 10 years of directly related experience
• At least 4 years of focused experience in cybersecurity or security architecture.
• Hands-on experience designing, securing, or operating cloud-based infrastructure, particularly in AWS environments.
• Ability to communicate security concepts clearly to both technical teams and business stakeholders.
• Strong written communication and executive-level presentation skills.
• Proven ability to build effective partnerships across engineering, infrastructure, and business functions.
• Consultative mindset with the ability to navigate complex or sensitive technical discussions.
• Experience evaluating risk and recommending mitigations based on business impact.
• Knowledge of modern architecture patterns including Zero Trust, IaaS, PaaS, SaaS, containers, virtualization, DevSecOps, and software-defined networking.
• Experience operating in Agile or iterative delivery environments.
• Demonstrated success influencing change and supporting large-scale technology transformations.
• Familiarity with industry security frameworks and standards (e.g., NIST, ISO, FFIEC) and applicable regulatory requirements.

Preferred Qualifications

• Experience defining and implementing security best practices across hybrid and multi-cloud environments.
• Strong understanding of identity and access management, authentication protocols, cryptography, and secrets management.
• Background in application security and secure software development practices.
• Technical depth in one or more development or platform ecosystems (e.g., Python, Java, .NET, serverless architectures).
• Experience designing perimeter, edge, and application-layer security controls such as firewalls and web application firewalls.
• Familiarity with cloud architecture frameworks and reference models.
• Exposure to multiple cloud providers (AWS, Azure, GCP).
• Experience working with container orchestration and serverless platforms.
• Background supporting regulated or high-assurance industries.
• Prior experience in large enterprise, consulting, or complex matrixed environments.
• Relevant professional certifications (e.g., CISSP, CISM, OSCP, cloud security certifications).