InfoSec Sustainability Security Architect Lead

The Security Architect will  work on the Security Engineering & Risk team in the Information Security organization. We are looking for a highly skilled Security Architect to lead the design and implementation of security solutions including specific near-term sustainability and process improvement initiatives. This role blends technical expertise in cybersecurity with leadership in governance, risk, compliance (GRC), and architecture. You will guide one or more  junior team members, manage security programs, and ensure alignment with organizational goals.
In this role as an InfoSec GRC/SIA Sustainability SME, you will be responsible for managing the implementation of SIA enhancements for sustainability. This includes tasks such as conducting initial process assessments, documenting current state processes, identifying improvement opportunities, gathering requirements through stakeholder interviews and workshops, analyzing processes against requirements, designing future state processes, and coordinating with technical teams for solution design and configuration. Your role will also involve testing, implementation, change management, go-live support, and post-implementation activities to ensure the success of the sustainability initiatives.

The Work:
Security Architecture & Strategy

• Design and implement security strategies, architectures, and procedures for cloud and on-premise environments.
• Review and advise on security design for IT and business system investments.
• Architect and implement a comprehensive security program integrated into an end-to-end security-focused SDLC.
• Drive transformation of security processes, automation, and sustainability enhancements.

Risk Management & Compliance

• Identify security risks and develop mitigation plans.
• Ensure compliance with standards (ISO 27001, NIST, OWASP) and regulatory requirements (GDPR, HIPAA, PCI-DSS).
• Maintain security documentation, including policies, procedures, and standards.

Process Improvement & Sustainability

• Conduct process assessments, design future state workflows, and coordinate technical implementation.
• Lead requirements gathering, stakeholder workshops, and business analysis.
• Support testing, change management, go-live, and post-implementation activities.
• Measure process performance and drive continuous improvement.

Collaboration & Leadership

• Work with cross-functional teams to integrate security into technology development.
• Provide mentorship and guidance to junior security team members.
• Facilitate stakeholder engagement and manage expectations across departments.
  
  

Technical Work

• Security Architecture & Design
• Cloud Security & DevSecOps Practices
• Vulnerability Assessment & Penetration Testing
• SIEM Tools & Threat Modeling
• Secure Coding & Compliance Documentation
• Process Mapping & Modeling (BPMN, UML)
• Business Analysis & Data Analysis
• Project Management & Testing Principles
• Scripting (Python, Bash, PowerShell)

What You Need:

• U.S. Citizen required
• 4–5 years of experience in information security with a focus on architecture and process improvement.
• Security frameworks, secure coding practices, and application security.
• Experience with security technologies (firewalls, IDS/IPS, endpoint protection), cloud security (AWS, Azure, GCP), and containerization (Docker, Kubernetes).

Bonus If You Have:

• Professional certifications (CISSP, CISM, or equivalent) preferred.