Solutions and Security Architect

The Solution and Security Architect is responsible for defining, designing, and governing technology solutions that enable the organization to operate securely, efficiently, and at scale. The role exists to ensure that all applications and infrastructure components adhere to enterprise architecture principles, comply with regulatory and security standards, and support the organization’s business objectives.

This position provides architectural leadership across the full lifecycle of technology initiatives, translating business requirements into scalable and resilient technical solutions. It also ensures that cybersecurity considerations, risk management, and compliance are embedded into all designs and deployments.

By establishing and maintaining enterprise architecture standards, frameworks, and roadmaps, the Enterprise Architect enables consistent, secure, and future-ready technology delivery across distributed and enterprise environments. The role serves as a trusted advisor to technical and business stakeholders, bridging the gap between operational needs, regulatory compliance, and technology strategy.

Key Accountabilities / Job Functions

Architecture & Technology Governance (60%)

• Translate business requirements into enterprise-level architecture designs using modern, secure, and scalable technologies.
• Develop high-level and detailed architecture designs, including:
• Network topology and segmentation
• Virtual machines, cloud workloads, and hosting models
• Data flows, integrations, and interfaces
• Firewall rules, ports, and security zones
• Define and maintain enterprise architecture standards, reference architectures, and design patterns.
• Provide technical requirements and specifications to application and infrastructure teams for development, testing, and deployment.
• Govern solution delivery by reviewing designs, validating implementations, and ensuring alignment with approved architecture standards.
• Support strategic planning by contributing to technology roadmaps and evaluating emerging technologies.

Cybersecurity, Risk & Compliance (20%)

• Ensure architecture designs align with Zero Trust principles, security best practices, and compliance frameworks (e.g., NIST CSF, PCI DSS).
• Conduct security architecture reviews to identify gaps, risks, and control deficiencies.
• Partner with Cyber Security teams to define mitigation strategies and remediation approaches.
• Oversee vulnerability management activities by:
• Reviewing results from tools such as Qualys, Orca, and Snyk
• Supporting remediation planning and risk acceptance documentation
• Communicating security posture and risks to stakeholders
• Ensure compliance across infrastructure and application components, including:
• Virtual machines, databases, and networks
• Certificates, encryption, and security configurations
• Maintain architectural accountability for security-related configuration and design decisions.

Configuration, Operations & Resilience (10%)

• Ensure all application and infrastructure components are accurately maintained in the Configuration Management Database (CMDB).
• Establish secure configuration management practices aligned with enterprise standards.
• Define architecture requirements for disaster recovery, business continuity, and resilience.
• Provide architectural oversight for third-party vendors to ensure compliance with security and enterprise standards.
• Validate that production deployments conform to approved architecture designs and security requirements.

Collaboration & Stakeholder Engagement (10%)

• Work closely with technical and business teams to tailor solutions for operational and regulatory requirements.
• Collaborate with IT, business teams, and external partners to ensure alignment across architecture, security, and delivery.
• Translate complex technical concepts into clear, business-focused communication for leadership and stakeholders.
• Serve as a trusted advisor on architecture, security, and technology risk within the organization.

Additional Responsibilities

• Perform other duties as assigned.
• Adhere to Corporate Policies and Procedures, including Code of Conduct, Audit Procedures, and any control-related responsibilities for financial or operational data entered, stored, or reported via business systems within the employee’s control.

Knowledge, Skills & Abilities Needed

Enterprise & Solution Architecture

• Ability to design and govern enterprise-level and solution architectures in large, complex environments.
• Strong understanding of hybrid architectures, including on-premises, cloud, and distributed deployments.
• Expertise in defining architecture standards, reference architectures, and design patterns.
• Proven skill translating business, operational, and regulatory requirements into scalable, resilient technical solutions.
• Experience designing:
• Network topology, segmentation, and secure connectivity
• Virtualized environments and cloud workloads
• Application integrations, data flows, and interface patterns
• Ability to provide architectural oversight across the full delivery lifecycle, from design through production deployment.

Cybersecurity Architecture & Risk Management

• Working knowledge of Zero Trust principles and defense-in-depth strategies.
• Ability to embed security controls and risk considerations into architecture designs.
• Experience conducting security architecture reviews and identifying gaps or control weaknesses.
• Familiarity with vulnerability management processes, including interpreting scan results and supporting remediation efforts.
• Understanding of risk assessment, remediation planning, and risk acceptance/exception processes.
• Knowledge of cybersecurity and compliance frameworks such as:
• NIST CSF
• PCI DSS

Collaboration & Stakeholder Engagement

• Strong ability to collaborate across Technology, Cyber Security, Infrastructure, Business, and Vendor teams.
• Skill in influencing technical decisions without direct authority.
• Ability to communicate complex technical concepts clearly to non-technical stakeholders and leadership.
• Experience acting as a trusted advisor on architecture, security, and technology risk.

Preferred / Differentiating Skills

• Experience supporting hospitality, financial services, healthcare, manufacturing, gaming, or other regulated industries.
• Familiarity with highly distributed or multi-site operational environments.
• Architecture or security certifications (e.g., TOGAF, CISSP, CISM, Cloud Architect certifications).

Qualifications

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field required.

Experience Required

• 5–8 years of progressive experience in technology roles, with increasing responsibility across architecture, infrastructure, and security domains.
• 3–5 years in an Enterprise Architect, Solution Architect, or Security Architect role.