Enterprise Cyber Security Solution Architect
Location
Tampa Bay, FL (Hybrid)
Overview
The Enterprise Cyber Security Solution Architect is responsible for designing, maturing, and governing enterprise-wide cybersecurity solutions that protect critical information assets and infrastructure.
This role serves as a solution architect and technical authority, defining future-state architectures, security standards, and multi-year roadmaps, while partnering with engineering teams, system integrators, and Managed Security Service providers (MSS) for execution and operations.
The position provides architectural leadership across:
- Identity & Access Management (IAM/IGA)
- Privileged Access Management (PAM)
- Data Loss Prevention (DLP)
- Application Security
- Public Key Infrastructure (PKI)
Note: This is an architecture-focused role and does not involve hands-on implementation or day-to-day administration.
Primary Duties & Responsibilities
Identity Management & Identity Governance (IAM / IGA) - 35%
- Define and maintain IAM/IGA reference architectures, standards, and roadmaps aligned with Zero Trust and least privilege principles
- Provide architecture leadership for Microsoft Entra ID (passwordless authentication, Conditional Access, SSO, identity federation)
- Architect and mature Saviynt IGA capabilities (RBAC, role catalog, entitlement management, access certifications)
- Design identity controls to mitigate BYOD risk using Conditional Access and device trust strategies
- Lead integrations with enterprise platforms (e.g., PAM tools, ITSM, ERP systems)
- Govern non-human/workload identities in coordination with IAM and PAM platforms
Privileged Access Management (PAM - CyberArk) - 25%
- Serve as the enterprise PAM solution architect and design authority
- Define and lead the PAM maturity roadmap (pilot enterprise rollout MSS transition)
- Architect advanced capabilities including:
- Privileged session recording
- Secure credential access
- Just-in-time (JIT) provisioning
- Privilege reduction strategies
- Establish PAM architectures across on-prem, cloud, hybrid, and distributed environments
- Provide governance oversight to ensure scalable, secure, and compliant implementations
Data Loss Prevention (DLP - Microsoft Purview) - 15%
- Lead architecture for enterprise DLP capabilities
- Define data classification, labeling, and protection strategies across:
- Email
- Endpoints
- Cloud platforms
- Data at rest
- Align DLP with IAM, Conditional Access, and data governance requirements
- Partner with Legal, Compliance, and Risk teams to meet regulatory and privacy standards
Application Security (Architecture & Secure SDLC) - 15%
- Define secure application architectures and secure coding standards
- Integrate security into the Software Development Lifecycle (SDLC)
- Provide guidance on authentication, authorization, and secure data handling
- Support security architecture reviews and risk assessments for critical systems
PKI & Certificate Management - 5%
- Provide governance for PKI and certificate lifecycle management
- Define standards for certificate issuance, renewal, revocation, and automation
- Support certificate-based authentication and passwordless initiatives
Cyber Defense & Security Governance - 5%
- Contribute to architecture and governance of threat detection and response capabilities
- Support development of security standards, policies, and control frameworks
- Act as a trusted advisor in security architecture and enterprise risk discussions
Relationships
Internal:
Information Security, Enterprise Architecture, IAM/IGA teams, Application Development, Infrastructure, Cloud, Risk, Compliance, Audit, Executive Leadership
External:
System Integrators, Security Vendors, Managed Security Service Providers, Auditors, Industry Partners
![]()
Never miss an opportunity! Create an alert based on the job you applied for.