Senior Cybersecurity Architecture Engineer

Cybersecurity Governance & Compliance:

• Lead development and maintenance of cybersecurity policies, standards, and procedures in alignment with NIST, SOC2, and NAIC frameworks.
• Conduct enterprise-level risk assessments and document control gaps with measurable remediation timelines.
• Maintain regulatory and industry compliance (SOX, PCI-DSS, SOC2) by conducting regular audits and reporting to executive stakeholders.

Cybersecurity Engineering & Architecture:

• Evaluate current and future cybersecurity architectures for infrastructure and applications; assess and adopt emerging technologies based on industry standards (NIST, SOC2, PCI, SOX).

• Architect, deploy, and maintain ZTNA frameworks to ensure secure access across all systems and devices.

• Oversee IAM solutions and governance across Azure EntraID and Okta, including implementation of MFA, SSO, and PAM.

• Lead design and deployment of secure hybrid cloud infrastructures, leveraging SASE, DLP (Microsoft Purview or similar), and EDR.

• Risk Management:

• Operationalize risk registers and lead risk meetings.

• Partner with business and technology teams to define risk mitigation strategies and drive remediation.

• Infrastructure & Technical Security Expertise:

• Architect and optimize secure IT infrastructure and cloud environments.

• Deploy, manage, and monitor Secure Access Service Edge (SASE) solutions for global workforces.

• Implement and maintain Data Loss Prevention (DLP) policies across endpoints, email, and cloud services.

• Lead deployment and continuous tuning of Endpoint Detection and Response (EDR) solutions.

• Threat Hunting & Vulnerability Management:

• Conduct proactive threat hunting exercises leveraging SIEM and threat intel platforms.

• Drive continuous vulnerability management using scanning tools and coordinate patch management cycles with IT.

• Identity and Access Management (IAM):

• Design and enforce identity governance frameworks across Azure EntraID and Okta.

• Manage multi-factor authentication (MFA) and privileged access management (PAM) platforms.

• Asset Management & Security Visibility:

• Maintain comprehensive asset inventory accuracy industry standard ITAM platforms.

• Establish automated asset discovery and reconcile discrepancies with CMDB owners.

• DevSecOps & Application Security:

• Integrate security into all stages of the software development lifecycle (SDLC).

• Support application security initiatives, including static and dynamic code analysis, SAST/DAST tool deployments.

• Collaborate with DevOps teams on secure CI/CD pipeline design.

• Metrics and Reporting:

• Develop and present monthly dashboards on key performance indicators (KPIs) for cybersecurity posture, incident trends, and remediation progress.

• Report material risks and security incidents to the CISO and Cybersecurity Board.