Serve as the authoritative owner of enterprise-wide security architecture, reference architectures, and standards and ensuring they remain current with evolving threats, and emerging technologies as well as ensuring they are embedded into process across engineering and product teams
Provides authoritative security guidance across multiple operating companies and domains, influencing senior leaders to align security strategy with business objectives and adopt consistent standards
Serve as a subject matter authority across a broad portfolio of cybersecurity domains, providing expert guidance on identity and access management, monitoring and detection, cloud security architecture, endpoint security, data protection, and network security
Lead complex security architecture reviews, evaluating proposed designs, systems, and technologies to identify risk exposures and provide actionable, risk-mitigating recommendations to engineering and product teams
Establish and maintain security architecture principles, patterns, and standards aligned to frameworks such as NIST CSF, ISO 27001, and Zero Trust Architecture
Evaluate and advise on the selection of security technologies and tools, assessing fit against organizational needs, risk posture, and strategic direction
Communicate complex cybersecurity risks, findings, and recommendations clearly and concisely to directors and executives, translating technical concepts into business impact and strategic context
Build and sustain trusted relationships across operating companies, technology teams, and leadership to drive security priorities and foster a security-conscious culture
Influence security decisions and adoption of security standards across the organization without direct authority, leveraging expertise, data, and persuasive communication
Own and drive complex, cross operating company security projects and initiatives from initiation through delivery with minimal supervision, proactively identifying risks, managing stakeholder expectations, and removing obstacles
Conduct and lead architectural based security risk assessments of new and existing technologies, third-party integrations, and business processes, producing clear risk findings with prioritized mitigation options
Act as a mentor and technical resource for junior and mid-level security analysts and engineers, sharing expertise and elevating the overall capability of the security organization.

Requirements

Bachelor's degree in Computer Science, Information Security, Management Information Systems, or equivalent combination of education and work experience
Typically 10+ years of progressive experience in information security, with demonstrated depth across multiple security domains
Proven track record of independently leading and delivering complex, cross-functional security projects and programs with minimal direction
Deep technical expertise in Identity and Access Management / Identity Governance, including PAM, IGA, IAM SSO, MFA, and directory services (e.g., Active Directory, Entra ID)
Strong hands-on knowledge of monitoring and detection technologies, including SIEM platforms (e.g., Microsoft Sentinel), EDR/XDR, SOAR, and threat intelligence platforms
Demonstrated expertise in cloud security architecture across one or more major cloud providers (e.g., AWS, Azure, GCP), including cloud-native security controls, IaC security, and multi-cloud environments

Benefits

Bonus/incentive pay and equity awards for eligible roles
A flexible, remote-friendly work environment
Paid holidays and a permissive paid time off policy emphasizing flexibility and trust
Ongoing investment in your career through dedicated training, on-the-job development, and coaching
Total rewards that support your success at work and beyond, including comprehensive health benefits, a 401(k) savings plan with employer match, and associate wellbeing programming with rewards

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

enterprise-wide security architectureidentity and access managementcloud security architectureendpoint securitydata protectionnetwork securityrisk assessmentsmonitoring and detectionsecurity project managementsecurity standards compliance

Soft Skills

influencing senior leaderscommunication of cybersecurity risksrelationship buildingpersuasive communicationmentoringstakeholder managementproblem-solvingstrategic alignmentcross-functional collaborationrisk mitigation