Enterprise Security Architect

Position: Enterprise Security Architect

Location: Newark, NJ (Hybrid Model: 3 days in a week from office)

Duration : Long term Contract

Role Purpose

Define enterprise security architecture standards, create security patterns and frameworks, establish security controls by tier, and provide the security templates that enable secure-by-design solutions. This role creates security patterns and standards, not operational security implementation.

Experience:

• 7 years in security architecture, enterprise architecture, or cybersecurity
• 5 years creating enterprise security standards and patterns
• Proven experience with zero-trust architecture and secure design patterns
• Experience establishing security controls frameworks and compliance patterns
• Track record conducting threat modeling and security architecture reviews

Certifications (Required/Preferred):

• CISSP (Certified Information Systems Security Professional) - required
• TOGAF certification - preferred
• SABSA certification - preferred
• Cloud security certification (AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer) - preferred
• CISM or CISA - preferred

Required Skills

• Security pattern library creation
• Security controls by tier
• Zero-trust patterns
• Threat modeling frameworks (STRIDE, PASTA)
• Security testing frameworks (SAST, DAST)
• DevSecOps patterns
• InfoSec policy to pattern translation
• Compliance frameworks (SOC 2, ISO 27001, GDPR, HIPAA)
• IAM patterns and implementation
• Encryption and key management
• API security patterns
• Cloud security (AWS, Azure, GCP)

Preferred Qualifications

• Experience in highly regulated industries (healthcare, finance, government)
• Background in penetration testing or offensive security
• Experience implementing zero-trust at enterprise scale
• Deep knowledge of compliance frameworks and audit processes

Key Responsibilities

Enterprise Security Standards & Patterns (40%)

• Define security architecture reference architectures (zero-trust, defense-in-depth)
• Create security patterns library (authentication and authorization patterns, API security patterns, data protection patterns, network security patterns, application security patterns)
• Establish security controls by application tier (Tier 0: HSM, 24/7 SOC, multi-region DR; Tier 1: MFA, encryption at rest/transit, WAF; Tier 2/3: standard security controls)
• Define identity and access management (IAM) patterns
• Document encryption and key management standards
• Create secrets management patterns

Security Frameworks (30%)

• Build secure design templates for common patterns (web apps, APIs, microservices)
• Develop threat modeling framework (STRIDE, PASTA templates)
• Create security testing framework (SAST, DAST, penetration testing standards)
• Establish DevSecOps patterns and shift-left security standards
• Define security compliance frameworks (SOC 2, ISO 27001, GDPR, HIPAA patterns)

Security Architecture Governance (20%)

• Review solution architectures for security pattern compliance
• Conduct threat modeling for strategic initiatives
• Define security architecture review criteria
• Translate InfoSec policies into architectural patterns
• Establish security exception process

Enablement (10%)

• Train solution architects on security patterns
• Conduct secure design workshops
• Maintain security pattern catalog
• Partner with InfoSec on security requirements

Education:

• Bachelor's degree in Computer Science, Information Security, or related field