Cybersecurity Architect

Cybersecurity Architect
Boston, MA (Remote)
Contract

Job Description

Core Requirements:
12+ years of experience in cybersecurity architecture and engineering.
Must have experience designing Post-Quantum Cryptography (PQC) strategies and crypto-agility frameworks for enterprise environments.
Hands-on expertise in confidential computing using Trusted Execution Environments (TEEs).

Other Requirements:
Experience building privacy-preserving systems using differential privacy and federated learning
Strong background in AI-driven cybersecurity, including UEBA, SOAR automation, and autonomous SOC architectures
Advanced detection engineering, including detection-as-code and SIEM optimization at scale
Deep expertise in Zero Trust Architecture (NIST 800-207) including identity-aware access and micro-segmentation
Strong experience in cloud security across AWS, Azure, and Google Cloud Platform (CSPM, CWPP, CNAPP)
Proven expertise in IAM/PAM, identity federation, and passwordless authentication (FIDO2, biometrics)
Experience with DevSecOps (SAST, DAST, SCA, SBOM, secure SDLC)
Strong knowledge of threat modeling frameworks (STRIDE, MITRE ATT&CK)
Hands-on experience with SIEM/SOAR platforms and incident response automation
Expertise in Kubernetes and container security, including runtime protection
Experience in API security and service mesh security (mTLS, Zero Trust networking)
Strong understanding of data security (DLP, encryption, tokenization, HSM-based key management)

Key Responsibilities:
Security Architecture & Strategy
Define and implement enterprise-wide security architecture strategy across cloud and hybrid environments
Lead Zero Trust transformation initiatives to reduce attack surface and improve security posture
Design crypto-agility and future-proof encryption strategies for evolving threat landscapes Advanced Security Engineering
Architect and deploy AI-driven threat detection and response systems
Design and implement privacy-preserving and confidential computing solutions
Lead post-quantum security readiness initiatives Cloud & Platform Security
Secure large-scale multi-cloud and Kubernetes environments
Design and deploy CNAPP platforms integrating CSPM, CWPP, and CIEM
Build scalable DevSecOps pipelines with integrated security controls Threat & Risk Management
Lead threat modeling, red teaming, and adversarial simulations
Develop and enhance threat intelligence platforms aligned with MITRE ATT&CK
Drive detection engineering and security observability improvements Data Protection & Resilience
Architect enterprise data protection platforms (encryption, tokenization, DLP)
Design cyber resilience strategies, including ransomware defense and recovery mechanisms

Preferred Qualifications:
Experience in financial services, telecom, or government sectors
Familiarity with regulatory frameworks (SOC2, ISO 27001, HIPAA, PCI-DSS)
Certifications such as CISSP, CISM, CCSP, AWS Security Specialty
Experience leading large-scale security transformation programs
Bachelor s or Master s in Computer Science, Cybersecurity, or related field (Master s preferred)