Security Compliance Architect

Job Title: Security Compliance Architect

Location: Remote (U.S.-based; preference for Southeastern candidates)

About the Opportunity

We are a premier technology consultancy supporting one of the world s most recognized Fortune 50 enterprise IT organizations. As part of a mission-critical endpoint security and compliance transformation program, we are seeking an experienced Security Compliance Architect to lead strategic efforts in patch management, vulnerability remediation, and endpoint compliance uplift across an enterprise workstation fleet of 200,000+ Windows and Linux systems.

This is a high-visibility role ideal for a seasoned security architect with deep experience in SCCM, Microsoft Intune, patching automation, and large-scale remediation. You will collaborate across IT security, operations, and compliance teams to drive measurable improvements in security posture, streamline tooling, and modernize endpoint management frameworks.

Role Summary

As the Security Compliance Architect, you will be responsible for designing and executing a roadmap for improved endpoint compliance, driving the remediation of critical vulnerabilities, and reporting outcomes to senior leadership. The role includes leading the transition from SCCM to Microsoft Intune, developing automation for patching workflows, and supporting the adoption of cloud-native management standards.

Key Responsibilities

• Lead strategic design and rollout of patching and remediation activities for 200,000+ Windows and Linux endpoints (physical and virtual).
• Analyze vulnerability data from tools such as Qualys, develop prioritization frameworks, and drive backlog remediation.
• Guide enterprise use and optimization of SCCM, Microsoft Intune, Autopatch, Cloudpatch, and related endpoint tools.
• Collaborate with cross-functional teams to implement automation scripts and frameworks (e.g., PowerShell, Python) for scalable patch deployment.
• Report remediation status, KPIs, and compliance metrics to senior technology leadership via dashboards and executive summaries.
• Lead the organizational transition from SCCM to Microsoft Intune, including roadmap design and execution planning.
• Evaluate and introduce AI- and automation-enhanced tooling to accelerate vulnerability management and patch compliance.
• Serve as a technical advisor and escalation point for patching, endpoint security standards, and vulnerability handling practices.
• Align remediation strategy with industry-standard GRC frameworks (e.g., NIST, ISO 27001).

Required Qualifications

• 10+ years of experience in endpoint security, vulnerability management, or patching in enterprise-scale environments.
• Deep familiarity with SCCM, Microsoft Intune, Autopatch, Cloudpatch, and MEC (Monthly Enterprise Channel).
• Hands-on experience with Windows and Linux operating environments, including mixed-mode support.
• Strong scripting skills (e.g., PowerShell, Python) for automation of patching and reporting tasks.
• Proven track record of leading remediation efforts for large-scale vulnerability backlogs.
• Strong communication and reporting abilities, with experience presenting to senior stakeholders and compliance leaders.
• Comfortable operating in matrixed enterprise organizations and across cross-functional delivery teams.
• Proficiency in creating and refining dashboards, metrics, and compliance reports.

Preferred Qualifications

• Experience consulting for or working with Big 4 firms, global consultancies, or large-scale enterprise IT departments.
• Familiarity with GenAI use cases in vulnerability remediation, security automation, or decision support.
• Experience aligning patching and remediation efforts with GRC frameworks such as NIST, CIS, or ISO 27001.
• Exposure to additional patching tools such as BigFix, Cloudpatch, or other commercial platforms.
• Experience leading migrations from legacy endpoint tools to modern cloud-native platforms.