Senior Data Platform Security Architect

Job Title: Senior Data Platform Security Architect

Location: Remote

Duration: / Term: C2C

Experience Desired: 12+ Years
 

Job Description:

Architect and own end‑to‑end security frameworks for data platforms including:

Data lakes, data warehouses, streaming pipelines, and analytics platforms

Technologies such as Snowflake, Databricks, Microsoft Fabric, Kafka, and Spark

Define and enforce data security standards:

• Access control, encryption (at rest/in transit), data masking, tokenization, secrets management
• Lead threat modeling and risk assessments for data platforms and drive remediation

Design and implement IAM strategies:

• RBAC, ABAC, least‑privilege access models
• Establish and mature data classification policies and tiers

Embed security across the full data lifecycle:

• Ingestion, transformation, storage, consumption, and archival

Define security requirements for cloud-native data services across:

• AWS, Azure, and Google Cloud Platform (multi‑cloud / hybrid environments)

Design audit logging, lineage tracking, and monitoring solutions to support:

• Incident detection, forensics, and compliance reporting

Ensure compliance with regulatory and security frameworks including:

• GDPR, CCPA, SOC 2, SOX, USGCB, FCC Decree

Mentor engineers and act as a subject matter expert for secure data platform design

Evaluate and recommend security tools and vendors (DSPM, DLP, etc.)

Communicate security architecture decisions and risk posture to technical and executive stakeholders

Required Qualifications

• 8+ years of experience in information security
• 4+ years focused on data platform or cloud data security architecture
• Deep expertise securing modern data platforms:
• Cloud data warehouses, data lakes, lakehouse, real‑time streaming systems
• Strong knowledge of IAM and zero‑trust principles across:AWS IAM, Azure AD / Entra ID, Google Cloud Platform IAM
• Hands‑on experience with:Encryption, KMS/HSM, data masking, tokenization
• Experience with security and compliance frameworks: GDPR, CCPA, PCI‑DSS, SOC 2, SOX, NIST CSF, USGCB, FCC Decree
• Proficiency in scripting/programming: Python, SQL, Bash (or similar)

Experience with:

• SIEM tools, DSPM platforms, DLP solutions, vulnerability scanners
• Strong communication skills with ability to translate technical risk to business context

Preferred Qualifications

Security certifications:

• CISSP, CCSP, AWS Security Specialty, Google Professional Cloud Security Engineer

Experience with:

• Infrastructure‑as‑Code (Terraform, Pulumi)
• DevSecOps practices

Exposure to data governance tools:

• Collibra, Alation, Apache Atlas

Experience in regulated industries:

• Financial services, Telecommunications

Key Skills:

IAM, RBAC, AWS, Azure, Compliance, GDPR, CCPA.