The ideal candidate will have a strong bias for action, thrive in ambiguous environments, and possess the ability to adapt to shifting priorities while delivering impactful results. This is an opportunity to play a critical role in securing our systems and applications in a fast-paced, high-stakes environment.

Key Responsibilities

Strategic Security Architecture

Design and implement robust security architectures that integrate vulnerability management, application security, and legacy system hardening into a cohesive framework. Develop and maintain architectural standards, guidelines, and reference models to support secure system and application design. Ensure security requirements are integrated into all phases of the software development lifecycle (SDLC) and system design.

Vulnerability Management

Architect and enhance vulnerability management processes, including the identification, prioritization, and remediation of risks across the enterprise. Collaborate with DevOps, IT, and security teams to ensure seamless integration of vulnerability management tools (e.g., Tenable, Qualys) into workflows. Provide technical guidance on the mitigation of vulnerabilities, including patch management, compensating controls, and long-term architectural improvements.

Application Security

Define and implement application security architecture strategies to address OWASP Top 10 risks, 3rd-party dependencies, and SAST/DAST findings. Partner with development and DevSecOps teams to embed security in CI/CD pipelines, enabling secure releases without compromising speed. Evaluate and recommend application security tools, technologies, and methodologies to support organizational goals.

Legacy System Hardening

Lead initiatives to identify security gaps in legacy systems and design hardening strategies that reduce risk without disrupting critical operations. Provide innovative solutions to secure outdated technologies and ensure alignment with modern security frameworks and standards. Document and communicate technical approaches for legacy system remediation to stakeholders across the organization.

Collaboration and Leadership

Serve as a trusted advisor to technical and business teams, bridging gaps between security, IT, and development. Lead architectural reviews and threat modeling sessions to identify and mitigate risks proactively. Educate and mentor junior staff and stakeholders on security best practices and architectural principles.

Continuous Improvement

Stay informed of emerging threats, technologies, and trends to enhance security architectures proactively. Drive the adoption of automation and orchestration to streamline security processes and improve efficiency. Advocate for a security-first mindset across the organization by promoting awareness and accountability.  

Required Qualifications

Education: Degree in Cybersecurity, Computer Science, or related field. Master’s degree preferred. Experience: 10+ years in cybersecurity, with at least 3 years in a security architecture or engineering role. Proven experience designing and implementing security solutions for vulnerability management, application security, and legacy systems. Strong compliance background  Certifications: CISSP, CISM, SANS, OSCP, or related  certifications are highly desirable.  

Desired Skills

Deep understanding of security frameworks and standards (e.g., OWASP Top 10, NIST, CIS, ISO 27001). Proficiency in secure coding practices, threat modeling, and system architecture design. Strong knowledge of legacy system challenges and approaches to secure outdated technologies. Ability to work in dynamic environments with shifting priorities and tight deadlines. Excellent communication skills to convey complex technical concepts to non-technical audiences.

Career Level - IC4