Information Security Solutions Architect

Summary

Reporting to the Deputy CISO, this is a hands-on Security Solutions Architect role focused on cyber and information security within an Information Risk Management function. The role is responsible for designing and guiding the implementation of secure technology solutions across the organization, including both in house developed and SaaS-based platforms.

This position is critical to embedding security throughout the technology lifecycle by partnering with business, technology, and cross functional teams to understand requirements, workflows, and system architectures. The successful candidate will be self-driven, highly proficient in cybersecurity, third party risk management, data security, and general IT risk management processes.

The role requires strong experience integrating security controls into product and solution design, ensuring the organization can effectively detect, contain, and respond to security threats while enabling business objectives. The environment is fast paced and technologically progressive, including early adoption of cloud services and the challenges of integrating those services into mature security practices.

Responsibilities

• Lead security-focused solutions architecture efforts to ensure security controls are incorporated early into the development lifecycle for in house applications, SaaS solutions, infrastructure initiatives, and technology processes.


• Partner with business and technology teams to document workflows, system architectures, and data flows, identifying appropriate security considerations for each solution.


• Apply threat modeling methodologies to identify security threats, vulnerabilities, and attack vectors across applications, infrastructure, and data layers.


• Ensure identified security requirements are implemented and that solutions are configured according to secure design principles.


• Design and oversee security integrations, including secure authentication and authorization, audit logging, secrets management, data protection, and third party integrations.


• Support SaaS and third party security assessments; collaborate with service owners, business stakeholders, and vendors to align solutions with internal security policies.


• Identify security risks and recommend appropriate mitigating controls or risk treatment options.


• Develop and deliver security training and guidance to technology teams to improve awareness and adoption of secure practices during onboarding of new solutions.

Required Qualifications

• Minimum of 8 years of experience in Information Security with a Bachelor's degree.


• At least 3 years of experience in a Security Architect or Solutions Architect role with a strong security focus.


• Ability to create and review system and solution architecture diagrams using tools such as Lucidchart or equivalent.


• Experience with SaaS and cloud architectures, including Azure, AWS, and Microsoft 365; exposure to enterprise SaaS platforms such as SAP S/4HANA, Workday, or Salesforce preferred.


• Experience applying cybersecurity frameworks such as NIST CSF and CSA Cloud Controls.


• Cybersecurity certifications (e.g., CISSP, CISM) or equivalent professional experience preferred.


• Familiarity with operational tools such as JIRA, ServiceNow, and risk management platforms.


• Experience working with regulatory and contractual standards such as GDPR, CCPA, SOX, or similar.


• Experience conducting or supporting third-party security assessments and standards (SOC, ISO 27001, SIG).


• Strong communication skills with the ability to clearly convey complex technical and security concepts to audiences at all levels.


• Excellent organizational and collaboration skills, including the ability to coordinate across teams and stakeholders.


• Proven ability to work effectively in a collaborative, fast-changing environment where requirements and processes evolve.