Cybersecurity Architect

The Cybersecurity Architect is responsible for designing, implementing, and maintaining secure architecture across the organization’s cloud environments, with a strong focus on Microsoft Azure. This role ensures that security is embedded in all aspects of identity, data, applications, and operations, aligning with Zero Trust principles and enterprise governance frameworks.

The architect will collaborate with DevOps, Enterprise Architecture, and Infrastructure teams to ensure secure cloud adoption, support compliance, and enhance the organization’s overall security posture.

CSafe offers the most comprehensive suite of thermal shipping solutions for pharmaceutical cold chain shipping needs around the world to ensure patients receive the medicines and treatments they need. In addition to key acquisitions, CSafe has operations in more than 70 locations worldwide to ensure product availability and continue to fulfil our founders’ mission to provide patients around the world with access to viable, life-enhancing pharmaceuticals. With a “client-first” focus, deep industry expertise and commitment to innovation, CSafe continues to deliver industry-leading products provides an end-to-end portfolio including active and passive bulk air cargo, parcel, cell and gene and specialty last-mile use cases. Our team operates with curiosity, humility, accountability, and entrepreneurial spirit to deliver on our vision and mission.

Come join our growing industry and build your career with us! 

Key Responsibilities:

Cloud Security Architecture and Engineering

• Secure Azure architecture for cloud workloads, networking, data, and applications.
• Implement Azure-native security controls and patterns including:
  • Identity and Access Security: Microsoft Entra ID, Conditional Access, MFA, PIM, and PAW.
  • Network Security: Azure Firewall, DDoS Protection, NSGs, Application Gateway (WAF), Private Link, and Hub-Spoke Topology.
  • Data Security: Azure Key Vault, TDE, Always Encrypted, and Confidential Computing.
  • Threat Detection: Defender for Cloud, Endpoint and Identity
• Design Zero Trust-aligned architectures based on the Azure Security Benchmark, Cloud Adoption Framework (CAF), and Microsoft’s Enterprise-Scale Reference Architectures.
• Embed “security by design” into DevOps and CI/CD pipelines using automation, policy-as-code, and continuous compliance.

Integration and Collaboration

• Partner with Enterprise Architecture and DevOps teams to implement security within Azure DevOps and GitHub pipelines.
• Collaborate with external Managed Detection and Response partners to align detection, response, and identity/device security practices.

Governance, Risk, and Compliance (GRC)

• Develop and maintain cloud security governance frameworks aligned to NIST Cybersecurity Framework, Azure Security Benchmark, and CIS Controls.
• Define and enforce Azure Policy and Blueprints for compliance automation and regulatory reporting (NIST 800-53, ISO 27001, SOC 2, etc.).
• Lead security risk assessments and threat modeling for new Azure workloads and services.
• Support audits, remediation plans, and continuous improvement of Microsoft Secure Score and overall maturity.

Innovation and Continuous Improvement

• Evaluate emerging Azure and AI-based security technologies to strengthen detection, response, and automation.
• Drive architecture improvements that reduce vulnerabilities, minimize attack surface, and optimize cloud posture.
• Promote best practices through documentation, training, and architecture reviews.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or related field.
• 7 years of experience in cybersecurity architecture, with 3 years focused on Microsoft Azure security.
• Deep expertise in Azure-native security services and Zero Trust design.
• Hands-on experience with Defender for Cloud, Azure Policy, Entra ID, and Azure Firewall.
• Certifications preferred:
  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)
  • Microsoft Certified: Azure Solutions Architect Expert (AZ-305)
• Strong understanding of NIST CSF, CIS Controls, and Cloud Adoption Framework.

Our Benefits Include:

• Paid Time OFF (PTO) starting at 25 days & Paid Holidays
• Medical, Dental and Vision Insurance
• 401k with Employer Match
• Group Life & Disability
• Health Spending Account Options
• Identity Protection
• Employee Assistance Program
• Travel Assistance Program
• Financial Wellness Program
• Tuition Reimbursement
• Parental Leave
• Referral Program
• Gym Membership Reimbursement
• Hybrid Work Options

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.