Principal Cybersecurity Architect (Remote- US)

Principal Cybersecurity Architect (Remote- US)

Job Summary:

The Principal, Cybersecurity Architect is a senior individual contributor role reporting to the Sr. Director of Cybersecurity Services. This position serves as a top-level technical expert responsible for shaping enterprise-wide security architecture strategy, defining security standards, and embedding cybersecurity into all layers of technology. The Principal Architect drives architectural excellence, ensures alignment between cybersecurity and business objectives, and provides deep technical leadership across multi-cloud, infrastructure, application, and emerging technology domains. This role partners extensively with architects, engineering teams, IT leadership, and business stakeholders to deliver secure-by-design solutions and continuously improve the organization''s security posture.

Key Responsibilities:

Security Architecture Leadership

• Develop and maintain the enterprise security architecture strategy, ensuring alignment with business, technology, and threat landscapes

• Define and evolve reference architectures, models, standards, templates, and reusable security patterns for use across projects and operations

• Lead the development of architecture roadmaps covering on-premises environments and multi-cloud platforms (AWS, Google Cloud Platform)

Cloud & Infrastructure Security

• Lead security architecture for AWS and Google Cloud Platform, ensuring secure network design, identity, data protection, logging/monitoring, and workload security

• Validate infrastructure components (firewalls, IPS, WAF, EDR/antimalware, etc.) against best practices and recommend improvements

• Architect and guide implementation of advanced cloud security controls, including encryption, network segmentation, key management, and workload protection

Identity, Access & Zero Trust

• Design and enforce IAM strategy and architecture, including SSO, MFA, RBAC, least privilege, and identity lifecycle management

• Apply Zero Trust principles to enterprise architecture, identity, data, applications, and network boundaries

Security Strategy, Risk & Threat Intelligence

• Track industry, technology, and threat trends; integrate insights into architectural decisions and cybersecurity strategy

• Conduct threat modelling (STRIDE, PASTA, MITRE ATT&CK) to inform secure solution design

• Ensure architectural alignment with regulatory, compliance, and industry frameworks (NIST, ISO 27001, SOC 2, HIPAA, PCI)

Architecture Review & Governance

• Perform architecture reviews for cloud, applications, infrastructure, and configurations to ensure adherence to enterprise security standards

• Serve as a trusted advisor to enterprise architects, solution architects, engineering teams, and product teams

• Collaborate with control owners and security engineers to define and allocate appropriate security controls

OT/IoT & Emerging Technology Security

• Partner with operational and facility management teams to review and strengthen cybersecurity controls for OT and IoT systems.

Incident Response & Technical Expertise

• Provide advanced architectural guidance during security incidents, including cloud forensics, containment strategies, and remediation design

Continuous Innovation & Improvement

• Evaluate new security technologies, methodologies, and automation capabilities to strengthen enterprise security posture

• Contribute to continuous improvement initiatives across cybersecurity services, engineering, and operations teams

Required Qualifications:

• 10+ years of experience in cybersecurity architecture and engineering, with deep expertise across cloud, infrastructure, and application domains

• Proven experience designing, implementing, and governing enterprise-scale security architectures

• Strong understanding of security architecture frameworks, principles, and best practices (e.g., Zero Trust, data isolation, encryption)

• Hands-on experience with AWS and Google Cloud Platform security services and controls

• Experience with NIST, ISO 27001, MITRE ATT&CK, and other security frameworks

• Background in process optimisation methodologies (Lean, Six Sigma, ITIL, Agile)

• Experience with container and serverless security (Kubernetes, Docker, Helm)

• Hands-on experience with SIEM, SOAR, EDR, cloud security tools, and vulnerability management

• Strong communication skills, including the ability to influence technical and non-technical stakeholders

Preferred Qualifications:

• Certifications such as CISSP, CISM, CISA, ITIL, Lean Six Sigma, PMP, or architecture framework certifications

• Experience in large, complex enterprises or regulated industries

• Expertise in cybersecurity automation, scripting, and security analytics

Key Skills:

Technical Skills

• AWS & Google Cloud Platform Security Architecture

• Zero Trust & IAM Design (SSO, MFA, RBAC)

• SIEM, SOAR, EDR & Vulnerability Management

• Threat Modelling (STRIDE, PASTA, MITRE ATT&CK)

• Container & Serverless Security (Kubernetes, Docker, Helm)

• Security Frameworks: NIST, ISO 27001, SOC 2, HIPAA, PCI

• Encryption, Network Segmentation & Key Management

• OT/IoT Security & Cloud Forensics

Soft Skills

• Ability to translate business requirements into technical architecture

• Strong stakeholder communication across all levels

• Leadership and ability to drive cybersecurity strategy

• Cross-functional collaboration and advisory skills

• Balance of deep technical expertise and business alignment

• Continuous improvement and innovation mindset

• Process optimisation (Lean, Six Sigma, ITIL, Agile)

• Incident response and crisis management communication

Other Job Details:

• Duration: 6+ months with a high possibility of extension.
• Location: Remote 
• Pay Rate: Open to market, compensation is based on experience.
• Interviews: Video interviews.
• Docs required: Proof of ID may be required if the client requests it before the interview.