Enterprise Cloud Security Architect

Natick, Massachusetts (Hybrid)
 Phone + Video

Job Description

Required Work Experience

• 10 years’ experience in information security.
• 5 years’ experience designing solutions and architectures for governance and security in AWS, Azure or VMware hosting environments.
• 5 years’ experience managing security in cloud environments, ideally supporting cloud DevOps, infrastructure as code, and Kubernetes deployments.
• Proven track record leading security initiatives and managing cross-functional initiatives and projects.
• Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degrees are a plus.

About the Role

As the Enterprise Security Architect, you will be responsible for establishing and promoting security architectures, platforms and strategies that achieve effective and efficient governance and security for the cloud environments, cloud services and software, and emerging AI infrastructure, integrations, agents and services.

In this highly collaborative role, you will work closely with internal business partners worldwide, including IT Infrastructure and Operations, Business Applications, DevOps, Product Development, Software Development, Product Operations & Fulfillment and Customer Success.

Critical is that your efforts enable our company to “Move Fast,” supporting innovation and user adoption of emerging technologies, while protecting the confidentiality, integrity, and availability of information technology resources, personnel, customers and intellectual property.

This position is based in Natick, Massachusetts, U.S. and can accommodate remote work up-to two days per week.

Key Responsibilities

• Design and implement security platforms and architectures that provide governance and security for the cloud environments; cloud-based software as a service; and emerging AI infrastructure, integrations, agents and services employed in the business processes, product development, operations and customer success.
• Architectures and security platforms that provide critical governance and security functions such as Identity & Access Management, SSO, Federated Identity Management, Conditional Access, Service & SaaS Integration (API/Graph), Cloud Security Posture Management; Data Security Posture Management; Cloud SaaS Security Posture Management, User Entity Behavior Analysis, Insider Risk Management.
• Ensure architectures reflect governance and security objectives for cloud and AI, and the controls specified in relevant standards and control frameworks, including NIST, OWASP, IEC, CSA, ISO, etc.
• Collaborate with business sponsors, initiative leaders and engineers to convey and align governance and security architectures and requirements that must be incorporated in the business plans and strategic initiatives.
• Document governance and security platforms, architectures, and roadmaps, leveraging them to convey plans and requirements for initiatives, investments and budgets, audits and compliance.
• Evangelize governance and security platforms and architectures throughout company, offering training and consultancy among stakeholders and initiatives with an interest or dependency.
• Consult on best practices for security and data protection necessary for emerging technologies, including cloud services, and AI infrastructure, applications, integrations, services and agents used in product development, process automation, employee empowerment, and customer success.
• Sponsor “change” necessary for the company to achieve greater scale, and more effective and efficient governance and security; developing business cases, influencing stakeholders, establishing cross functional goals, and facilitating leadership consideration and decision making.
• Drive change, developing implementation strategies, project plans, pilots, milestones and key performance indicators; lead and participate on projects and initiatives as required.
• Stay abreast of security trends, standards, and new technologies, evolving and changing architectures and roadmaps as appropriate; represent and communicate these external factors to leaders and evangelize change necessary for company to adapt.

Knowledge, Skills, and Abilities

Knowledge of Security Frameworks

Strong understanding of information security frameworks, standards, controls and best practices, including NIST, ISO 27001, CIS, OWASP, IEC, etc., and experience applying them.

Cloud Security Expertise

Proficiency in cloud governance and security concepts and services for Azure, AWS and/or VMware environments, with experience applying them among companies leveraging cloud for their internal IT and for revenue generating cloud services. Experience designing and implementing cloud architectures, foundational design principles, control towers, identity and access management, conditional access, shared services, DevOps, infrastructure as code, Graph and API integrations, logging, data storage and protections, micro services.

Technical Skills

Relevant certifications such as CISSP, CCSP, DevOps Certification, Security Engineer or Architect for Azure/AWS/VMware. Hands-on experience with cloud governance and security tools and platforms; experience/familiarity with security assessment tools, vulnerability management, incident response techniques, and security operations.

Demonstrated ability to document architectures and design principles, author white-papers, and make technical presentations.

Business Skills

Demonstrated experience preparing budgets, business cases, project plans, technical and management presentations.

Analytical Skills

Ability to analyze complex and fragmented governance and security issues and provide strategic solutions that improve scale, effectiveness and efficiencies.

Communication Skills

Exceptional written and oral skills, with an ability to convey technical concepts to non-technical stakeholders.

Collaboration Ability

Strong interpersonal skills for effective collaboration with internal teams and external partners.

Benefits Package

• In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a sales incentive plan.
• Health, dental, and vision insurance.
• 401(k) retirement plan with company matching.
• Employer-paid disability, family leave, and life insurance.
• Paid time off (including holidays).
• Optional voluntary benefits; as well as recognition and wellness programs.