Enterprise Cyber Security Solution Architect

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

Strategic Staffing Solutions is currently looking for a Enterprise Cyber Security Solution Architect, W2 long term contract opportunity with one of its largest clients!!

Job Title: Enterprise Cyber Security Solution Architect

Location(s):North Tampa, FL (Hybrid)

**NOTE:**

NO Corp. to Corp. and Must be Local to Tampa to be considered.

Must legally be able to work in the United States for any employer effective immediately.

Overview

• The Enterprise Cyber Security Solution Architect is responsible for designing, maturing, and governing enterprise-wide cybersecurity solutions that protect critical information assets and infrastructure.
• This role serves as a solution architect and technical authority, defining future-state architectures, security standards, and multi-year roadmaps, while partnering with engineering teams, system integrators, and Managed Security Service providers (MSS) for execution and operations.
• The position provides architectural leadership across:
• Identity & Access Management (IAM/IGA)
• Privileged Access Management (PAM)
• Data Loss Prevention (DLP)
• Application Security
• Public Key Infrastructure (PKI)
• Note: This is an architecture-focused role and does not involve hands-on implementation or day-to-day administration.

Qualifications (Summary)

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field (or equivalent experience)
• 8 years of cybersecurity or IT experience with strong architecture exposure
• Demonstrated expertise across IAM/IGA, PAM, DLP, Application Security, and PKI
• Strong communication, documentation, and strategic planning skills

Certifications

Required:

• Two cybersecurity certifications (or ability to obtain within 1 year) from recognized vendors (e.g., (ISC)², GIAC, ISACA, CompTIA, EC-Council)

Preferred:

• ITIL v3
• Certifications such as: CISSP, CISM, CISA, CRISC, CEH, GIAC, OSCP, SSCP (or similar)

Experience

• 8 years of experience in cybersecurity or IT, including:
• Security architecture
• Risk analysis and security assessments
• Systems or infrastructure security
• Data protection (DLP/FIM)

Knowledge, Skills & Abilities

• Expert-level understanding of cybersecurity architecture and best practices
• Strong knowledge of:
• Threat landscape, vulnerabilities, and risk management
• IAM, data protection, application, and infrastructure security
• Enterprise architecture frameworks and models
• Security frameworks (e.g., NIST, ISO 27001)
• Experience with:
• SIEM, IDS/IPS, endpoint protection, and threat intelligence tools
• Risk assessments and vulnerability analysis
• Strong analytical, problem-solving, and communication skills
• Ability to work across technical and non-technical stakeholders
• Adaptability to evolving technologies, threats, and regulatory requirements

Working Conditions

• Standard office environment
• Occasional after-hours, weekend work, and on-call participation

Physical Requirements

• Standard office-related physical demands

Primary Duties & Responsibilities:

Identity Management & Identity Governance (IAM / IGA) – 35%

• Define and maintain IAM/IGA reference architectures, standards, and roadmaps aligned with Zero Trust and least privilege principles
• Provide architecture leadership for Microsoft Entra ID (passwordless authentication, Conditional Access, SSO, identity federation)
• Architect and mature Saviynt IGA capabilities (RBAC, role catalog, entitlement management, access certifications)
• Design identity controls to mitigate BYOD risk using Conditional Access and device trust strategies
• Lead integrations with enterprise platforms (e.g., PAM tools, ITSM, ERP systems)
• Govern non-human/workload identities in coordination with IAM and PAM platforms

Privileged Access Management (PAM – CyberArk) – 25%

• Serve as the enterprise PAM solution architect and design authority
• Define and lead the PAM maturity roadmap (pilot → enterprise rollout → MSS transition)
• Architect advanced capabilities including:
• Privileged session recording
• Secure credential access
• Just-in-time (JIT) provisioning
• Privilege reduction strategies
• Establish PAM architectures across on-prem, cloud, hybrid, and distributed environments
• Provide governance oversight to ensure scalable, secure, and compliant implementations

Data Loss Prevention (DLP – Microsoft Purview) – 15%

• Lead architecture for enterprise DLP capabilities
• Define data classification, labeling, and protection strategies across:
• Email
• Endpoints
• Cloud platforms
• Data at rest
• Align DLP with IAM, Conditional Access, and data governance requirements
• Partner with Legal, Compliance, and Risk teams to meet regulatory and privacy standards

Application Security (Architecture & Secure SDLC) – 15%

• Define secure application architectures and secure coding standards
• Integrate security into the Software Development Lifecycle (SDLC)
• Provide guidance on authentication, authorization, and secure data handling
• Support security architecture reviews and risk assessments for critical systems

PKI & Certificate Management – 5%

• Provide governance for PKI and certificate lifecycle management
• Define standards for certificate issuance, renewal, revocation, and automation
• Support certificate-based authentication and passwordless initiatives

Cyber Defense & Security Governance – 5%

• Contribute to architecture and governance of threat detection and response capabilities
• Support development of security standards, policies, and control frameworks
• Act as a trusted advisor in security architecture and enterprise risk discussions

Relationships

Internal:Information Security, Enterprise Architecture, IAM/IGA teams, Application Development, Infrastructure, Cloud, Risk, Compliance, Audit, Executive Leadership

External:System Integrators, Security Vendors, Managed Security Service Providers, Auditors, Industry Partners