Cybersecurity Architect

This is a fully remote position, open to applicants in Ireland.

📋 Description

• This position is fully remote.

• Accountable for the strategic planning, design, and integration of security technologies throughout the organization.

• Serve as a liaison between overarching security policies and their technical application, ensuring security is woven into the infrastructure, applications, and DevOps pipelines.

• Create and document enterprise-level security architectures for cloud environments (AWS/Azure/GCP), on-premise data centers, and hybrid setups.

• Establish security standards, reference architectures, and design patterns (Zero Trust, SASE, NIST).

• Perform threat modeling and risk assessments for new systems, applications, and integrations (STRIDE, PASTA, or VAST).

• Align the security strategy with business objectives and regulatory mandates (SOC2, ISO 27001, GDPR, HIPAA, PCI-DSS).

• Choose and architect security solutions (Next-gen Firewalls, EDR/XDR, SIEM, IAM/PAM, DLP, CASB).

• Direct the integration of security into CI/CD pipelines (DevSecOps), including SAST, DAST, and SCA.

• Design secure network segmentation, micro-segmentation, and identity management frameworks (SSO, MFA, Identity Governance).

• Work closely with Cloud Engineers to enforce IAM policies, encryption (both at rest and in transit), and secure configurations.

• Specify technical security requirements for RFPs and vendor risk evaluations.

• Engage in incident response tabletop exercises and post-incident architecture adjustments for actual breaches.

• Review and approve architecture change requests with a focus on security implications.

⛳️ Requirements

• Significant experience in information security, with over 4 years specifically in a Security Architect role or a similar position (Lead Security Engineer, Cloud Architect with a security emphasis).

• Demonstrated expertise in designing multi-cloud security architectures (AWS, Azure, or GCP).

• Profound knowledge of networking (TCP/IP, routing, SD-WAN, load balancers) and operating systems (Linux, Windows).

• Exceptional skill in articulating complex security risks to non-technical executives.

• Strategic mindset that balances 'ideal security' with business agility.

• Strong capabilities in documentation and diagramming.

• Technical Skills: Familiarity with security frameworks such as NIST CSF, ISO 27001, MITRE ATT&CK.

• Knowledge of architectural models: Zero Trust (ZTA), SASE, Identity Fabric.

• Experience with DevSecOps tools: Git, Jenkins/GitLab CI, Terraform (IaC), Docker/Kubernetes.

• Understanding of identity protocols: OAuth, SAML, LDAP, SCIM.

• Grasp of cryptography concepts: PKI, TLS, HSM, key management.

• Certifications (One or more preferred): CISSP, SABSA or TOGAF (architecture focus), CCSP or AWS Certified Security – Specialty, CISM.

🏝️ Benefits

• Clearly defined scope with no uncertainty regarding deliverables.

• Potential for repeat engagements based on performance.