What are the responsibilities and job description for the Security Solutions Architect (contract) position at Hilton?
Please note that this is a contract role providing services to Hilton through Talent Solutions. If you are selected for this role, you will be employed by Talent Solutions and will not be an employee of Hilton. Contract workers are not employees of Hilton or any of its subsidiaries, nor will they be eligible for Hilton benefits.
We are seeking a highly skilled and experienced security-focused solution architect to join our team and play a pivotal role in shaping the security posture of Hilton's most critical customer-facing platforms. In this role, you will serve as a subject matter expert in security solution architecture, partnering closely with engineering, product, platform, and cybersecurity teams to ensure that secure, scalable, and resilient solutions are designed and delivered across web, mobile, API, payments, and identity platforms that serve hundreds of millions of customers worldwide. With a strong foundation in both software engineering and application security, you will translate complex business and technical requirements into pragmatic architecture designs, reusable security patterns, and actionable engineering guidance. This is a high-impact, highly collaborative role for a seasoned professional who thrives at the intersection of security, architecture, and engineering, and who is passionate about embedding security into every stage of the software delivery lifecycle.
Responsibilities
- US-based hybrid role near McLean, VA; Dallas, TX; or Memphis, TN; onsite 2-3 days/week
- Lead secure solution architecture for flagship customer-facing initiatives across web, mobile, API, property, and payments platforms, ensuring security is embedded from concept through implementation
- Design and review end-to-end solution architectures, including application components, APIs, integrations, data flows, cloud services, identity patterns, and operational controls
- Translate business and product requirements into pragmatic architecture designs, security requirements, implementation patterns, and engineering guardrails for software engineering teams
- Own and evolve security reference architectures and reusable solution patterns for customer-facing platforms, including API security, customer identity, secure software design, cloud security, encryption and key management, secrets management, logging and monitoring, and secure integration patterns
- Collaborate with enterprise solution architecture, engineering, platform, product, and cybersecurity teams to ensure proposed solutions align with Hilton's architecture models, security and technology standards, regulatory obligations, and long-term platform strategy
- Develop, document, and maintain solution architecture artifacts, security architecture diagrams, reference architectures, implementation guidance, and standards that enable consistent secure delivery across teams
- Engage with cross-functional teams across the full system lifecycle, from strategy and solution design through implementation, deployment, and operations
- Partner with engineering leaders and architects to evaluate solution options, identify security and architecture trade-offs, and guide teams toward designs that balance risk reduction, customer experience, delivery velocity, scalability, resiliency, and maintainability
- Communicate architecture recommendations through diagrams, decision records, reference patterns, and implementation guidance that delivery teams can execute
- Define secure-by-default architecture patterns, security controls, and reusable engineering guidance that materially reduce vulnerabilities and risk in released products
- Produce and maintain solution and security architecture artifacts, including data flow diagrams, network diagrams, and API, integration, and identity and access patterns
- Contribute to the continuous development, review, and adoption of security standards, architecture standards, and secure software engineering best practices
- Support governance by reviewing proposed architectures, documenting risks and compensating controls, and helping teams resolve design gaps before implementation or production release
- Demonstrated ability to design and review end-to-end secure solution architectures across cloud, application, API, and identity domains
- Practical experience translating business and engineering requirements into secure architecture patterns, design decisions, threat models, and implementation guidance
- Strong understanding of customer identity and authentication technologies, including OAuth 2.0 and OAuth 2.1, OpenID Connect, SAML 2.0, API security, token and session security, and AWS IAM security
- Deep knowledge of cloud and application security concepts, including least-privilege access, network segmentation, secure configuration, encryption and key management, secrets management, logging and monitoring, vulnerability reduction, and secure CI/CD considerations
- Strong cryptography fundamentals with experience architecting solutions for protecting customer data, preventing online fraud, and reducing abuse in customer-facing digital channels
- Ability to clearly communicate design decisions, trade-offs, risks, and recommended controls to business, engineering, architecture, and security stakeholders
- Experience building or designing secure customer-facing web, mobile, API, payments, identity, or cloud platforms at enterprise scale
- Familiarity with industry regulations and frameworks such as PCI DSS, GDPR, CCPA, NIST 800-53, SOC 2, ISO 27001, and PSD2 and SCA
- Excellent communication, presentation, facilitation, and interpersonal skills, with the ability to influence stakeholders across engineering, architecture, product, business, and cybersecurity functions
- Experience in hospitality, ecommerce, financial services, travel, payments, or high-volume customer digital platform environments is a plus
- 7 years of professional work experience in technology, software engineering, cybersecurity, architecture, or a related field
- 5 years of hands-on software engineering, software development, or application delivery experience, with demonstrated understanding of modern engineering practices, SDLC, APIs, integrations, cloud services, and production operations
- 3 years of solution architecture or enterprise architecture experience, including designing or reviewing end-to-end application, platform, integration, cloud, or customer-facing digital solutions
- 3 years of experience in one or more of the following domains: product security, application security, solution architecture, enterprise architecture, customer identity and access management, API security, cloud security, cryptography, AI security, or payments
- 2 years in a solution architect, enterprise architect, security architect, or senior software engineer role responsible for architecture-level design decisions is preferred
- Strong software engineering and development background, preferably 5 or more years, with experience in modern programming languages, API design, secure coding practices, cloud-native architectures, and engineering delivery models
- One or more industry certifications such as CISSP, CCSP, AWS Certified Solutions Architect at the Associate or Professional level, AWS Certified Security Specialty, TOGAF, SABSA, or an equivalent architecture or security certification is preferred