Senior Information Security Architect

Who We Are
Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For list for ten consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit ;br>
What We Do
**Remote Work Welcome**

We are seeking an experienced and highly skilled Senior Security Architect to join our growing Information Security team. This role will actively participate in designing, implementing, and overseeing the security architecture of complex systems ensuring their integrity, confidentiality, and availability. You will also play a key role in security architecture design reviews, collaborate with the Technology Governance Board, and create and maintain security documentation to support compliance, risk assessment, and security posture improvement. The ideal candidate will develop and articulate a robust security strategy encompassing network, application, identity, data, and cloud environments, ensuring proactive management of cyber risks. This role requires significant experience with cloud security, specifically with Azure and AWS to safeguard cloud-based infrastructure & applications.

What You'll Do

• Lead security architecture design & implementation reviews for First American applications and services.
• Create and maintain baseline security documentation to support compliance, risk management and security posture improvement.
• Leverage threat modeling methodologies for risk assessment during architecture and design phases to guide development teams for secure implementations.
• Design and implement cloud security controls for AWS, Google Cloud Platform and Azure environments, applying best practices for identity, access, and data protection.
• Lead the design and implementation of comprehensive security strategies for networks, applications, identity, data and cloud environments, effectively countering existing and emerging threats.
• Foster a DevSecOps culture of shared security ownership across development, operations, and security teams.
• Recommend design patterns and security best practices for technology implementations.
• Support the development of reference architectures and associated reusable work products and assessment assets including detailed designs that provide deployable building blocks.
• Conduct security reviews of code, infrastructure-as-code templates, and cloud configurations to detect vulnerabilities pre-deployment.
• Define and maintain security baselines, policies, and secure coding standards aligned with frameworks like NIST, ISO 27001, and PCI DSS.
• Provide training and guidance to development teams on secure coding, secrets management, and vulnerability remediation.
• Participate in the Technology Governance Board to assess risks and recommend secure technology adoption.
• Monitor and report on security posture using dashboards and metrics (e.g., vulnerability density, remediation time).
• Evaluate and recommend security tools and technologies that support DevSecOps workflows.
• Lead cross-training of Cybersecurity Architects to strengthen technical leadership across domains.
• Apply expertise in zero-trust architecture, IAM, network segmentation, container security, and infrastructure-as-code.
• Translate complex security concepts into actionable guidance for technical and non-technical stakeholders.

What You'll Bring

• BA/BS degree in Computer Information Systems, Computer Science or equivalent experience.
• 5+ years in information security, with 3+ years in security architecture and DevSecOps environments.
• CISSP certification required; Google Cloud Platform, AWS, and Azure certifications preferred.
• Proven experience designing secure architecture across cloud-native, hybrid, and on-prem environments.
• Hands-on expertise with AWS, Azure, Google Cloud Platform, Microsoft Entra ID, and cloud-native security tools.
• Must have the ability to understand Threat Modeling of applications and infrastructure to provide guidance on risk as it relates to vulnerabilities.
• Deep understanding of defense-in-depth strategies, zero-trust models, identity and access management (IAM), vulnerability assessment techniques, and secure coding practices.
• Excellent knowledge of Networking, WAF, NG Firewalls, network segmentation, VPNs as it relates to cloud and datacenters
• Demonstrated experience with secure software development lifecycles (SDLCs), static/dynamic application security testing (SAST/DAST), API security, and secure coding techniques.
• Proficient in cloud security models (IaaS, PaaS, SaaS), cloud-native security tools, encryption and cryptographic key management techniques, privileged access management (PAM), security posture and compliance within cloud environments.
• Strong understanding of zero-trust models, container security, and infrastructure-as-code.
• Familiarity with compliance frameworks such as NIST, ISO 27001, PCI DSS, GDPR, HIPAA, SOC 2.
• Excellent communication and collaboration skills to influence and educate across technical and business teams.

Pay Range: $145,000.00 - $212,630.00 Annually

This hiring range is a reasonable estimate of the base pay range for this position at the time of posting. Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements, and geographic location.

What We Offer
By choice, we don't simply accept individuality - we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it's the right thing to do, but also because it's the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

** Note that the following statements only apply to candidates who will be working from an unincorporated area within Los Angeles County. **

First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act).

First American intends to conduct a review of an applicant's criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer-imposed criminal history requirements.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.