Cyber Security Architect (with AI security focus)

We are seeking a Senior Cybersecurity Architect to serve as the strategic and technical leader advancing our global cyber architecture and engineering maturity. Reporting directly to the CISO, this individual will act as the principal technical authority on cybersecurity architecture and engineering execution—driving secure design practices, technology modernization, automation, and adoption of emerging security capabilities.

This role partners closely with application, infrastructure, and business teams to define, evaluate, and implement cybersecurity architectures that balance innovation, agility, and risk management. The successful candidate will help evolve our hybrid security ecosystem, spanning on-premises and Azure Cloud environments, and lead engineering initiatives in emerging areas such as AI Security, Cloud-native defense models, AI-driven automation, and continuous controls monitoring.

Key Responsibilities

Strategic & Leadership

• Serve as the CISO’s principal technical advisor on cybersecurity architecture, engineering strategy, and emerging technology risks.
• Drive the execution of architectural and engineering objectives within the cybersecurity program, ensuring alignment with the CISO’s overall strategy and governance framework.
• Lead Cybersecurity Technology Build (CTB) initiatives, identifying opportunities to modernize, automate, and integrate security capabilities across platforms.
• Translate complex security architecture requirements into actionable roadmaps that balance business priorities, risk tolerance, and regulatory expectations.
• Contribute to shaping the cybersecurity technology roadmap, evaluating innovative solutions through lab testing and strategic vendor partnerships.

Architectural & Technical

• Define and maintain cybersecurity architectural blueprints, ensuring alignment across applications, infrastructure, cloud, and data domains.
• Conduct architecture design reviews across applications, infrastructure, and cloud domains to ensure adherence to corporate policies, technical standards and security best practices.
• Evaluate, pilot, and integrate emerging security technologies—including AI/ML security controls, continuous controls monitoring solutions, and Zero Trust frameworks.
• Develop and maintain enterprise security architecture patterns and reference models, consistent with NIST CSF, ISO 27001, and MITRE ATT&CK frameworks.
• Oversee threat modeling, security assessments, and control design for major technology initiatives.
• Guide engineering teams in implementing secure configurations, hardening standards, and automated control validations to embed security-by-design principles across the enterprise.

Governance & Collaboration

• Collaborate with Cyber Operations, GRC, and IT Infrastructure teams to ensure consistent architecture enforcement and operational integration.
• Establish and evolve governance processes to ensure architectural consistency, control effectiveness, and secure technology adoption across global programs.
• Contribute to cybersecurity strategy development, budget planning, and investment roadmaps.
• Partner with global cybersecurity and IT teams across North America, EMEA, and APAC to ensure alignment and operational consistency.
• Act as a technical point of contact for community engagement with industry groups such as FS-ISAC, participating in intelligence sharing and best-practice exchanges.
• Mentor and develop engineers and architects, fostering technical excellence and a culture of continuous improvement.

Qualifications and Experience

• Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
• Experience: 10–15 years of progressive experience in cybersecurity, with at least 10 years leading security architecture and engineering functions in complex enterprise environments.
• Certifications: CISSP, CCSP, CISM, or relevant cloud security and architecture certifications preferred.
• Technical Expertise:
• Proven leadership in hybrid environments (on-premises Azure Cloud).
• Deep understanding of application, infrastructure, and cloud security architecture.
• Experience in AI/ML security, automation, continuous controls monitoring, Zero Trust, Identity and Access Management (IAM, PIM, MFA, SSO), and data protection frameworks.
• Proficiency with enterprise cybersecurity platforms such as Endpoint Protection Platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender), SIEM’s (e.g., Splunk, CrowdStrike Next-Gen SIEM, Microsoft Sentinel), and deception technologies.
• Proficiency with DevSecOps integration, infrastructure-as-code security, and automated compliance tooling.
• Experience with Cyber Threat Intelligence and Threat Hunting frameworks, processes, and platforms.
• Hands-on familiarity with SIEM, EDR/XDR, DLP, PKI, and vulnerability management solutions.
• Strong understanding of industry standards and frameworks (NIST, ISO 27001, CIS Controls).
• Experience working with global teams and managing cybersecurity initiatives across multiple regions and time zones.

Core Competencies

• Strategic Influence: Shapes cybersecurity technical direction and engages senior technology stakeholders in risk-aware decision-making.
• Technical Authority: Recognized as a trusted expert in secure architecture, engineering, and technology integration.
• Collaboration: Builds partnerships across IT and business domains and collaborates effectively with global colleagues.
• Innovation: Champions AI automation, continuous control enhancement, and secure-by-design innovation to improve resilience and efficiency.
• Communication: Simplifies complex cybersecurity concepts for executive and business audiences with clarity and precision.

Values & Culture Alignment

• Acts with non-negotiable integrity and maintains the highest professional standards.
• Demonstrates intellectual curiosity, seeking to continually advance the firm’s cybersecurity engineering posture.
• Embodies collaboration, transparency, and accountability in all engagements.
• Dedicated to protecting client trust through security excellence and proactive risk management.

Special Requirements

• Required to be onsite in primary office location (New York or Seattle) four days per week.
• Occasional after-hours or weekend support may be necessary for global collaboration or incident response.