Sr. Cybersecurity Architect

Sr. Cybersecurity Architect

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or equivalent experience in a related field
• Minimum five (5) years of experience in DevSecOps, cloud security, or cybersecurity architecture
• Hands-on expertise in securing cloud-based AI/chatbot solutions, data platforms (Databricks), CI/CD workflows, and software development
• Strong background in cloud security, automation, and compliance
• Ability to design scalable and secure application architectures
• Passion for fostering a security-first DevOps culture

Responsibilities

• Define and execute a DevSecOps roadmap that integrates security into CI/CD pipelines, Kubernetes, serverless applications, and AI-driven chatbot platforms
• Implement secure AI and chatbot architectures in Azure, ensuring compliance with security standards, data protection, and access control
• Secure data lakes, ML models, and Databricks notebooks by implementing role-based access control (RBAC), encryption, and compliance monitoring
• Automate security controls using Terraform, Ansible, Bicep, and Azure Policy to enforce security in cloud-native deployments
• Design and implement secure identity and secrets management strategies, ensuring API keys, encryption keys, and credentials are properly managed
• Implement data protection, rights management, and access controls to ensure secure handling of intellectual property, digital assets, and sensitive data across applications and data platforms
• Establish best practices for securing containers, Kubernetes, microservices, and serverless functions, including runtime security and policy enforcement
• Utilize MITRE ATT&CK techniques to enhance threat modeling, detection engineering, and security response strategies for applications, infrastructure, and data environments
• Enforce security controls around OAuth, SAML, JWT, Zero Trust, and API gateways to secure applications, chatbot interactions, and Databricks data pipelines
• Leverage MITRE ATT&CK tactics to design threat hunting, detection, and response strategies using SIEM, XDR, and threat intelligence tools
• Ensure DevSecOps implementations align with NIST, CSA, CIS, ISO 27001, and regulatory requirements (e.g., SOX, GDPR, CMMC, HIPAA)
• Partner with development, IT, and security teams to build security awareness and advocate for secure coding, DevSecOps best practices, AI security, and data security

Preferred Qualifications

• Security certifications (CISSP, CSSLP, CCSP, CKS, OSCP, GCSA, or similar)
• Hands-on experience with CI/CD tools (Azure DevOps, GitHub Actions, GitLab CI/CD, Jenkins, ArgoCD, etc.)
• Expertise in Azure Security Services, including Azure Key Vault, Azure Sentinel, Defender for Cloud, and Security Center
• Experience securing AI-driven chatbot platforms (Azure Bot Service, OpenAI GPT, or similar)
• Strong knowledge of cloud security (Azure, AWS) and container security (Kubernetes, Istio, Docker)
• Experience securing Databricks workloads, data lakes, ML pipelines, and Spark environments
• Familiarity with Digital Rights Management (DRM) strategies for protecting sensitive assets
• Strong experience leveraging MITRE ATT&CK for threat modeling, detection engineering, and adversary simulation
• Experience implementing SAST, DAST, SCA, and RASP security solutions in DevOps workflows
• Familiarity with SOAR, SIEM, XDR, and threat intelligence tools
• Experience working with API security, OAuth2, JWT, SAML, and microservices security
• Strong understanding of secure coding principles, threat modeling, and OWASP Top 10
• Excellent communication skills to influence development teams, data engineering teams, and executive leadership