About the RoleThe Cybersecurity Engineer/Architect is responsible for designing, implementing, and maintaining secure enterprise architectures, systems, applications, networks, and cloud environments. This role provides technical leadership in cybersecurity strategy, risk management, security engineering, and compliance initiatives while ensuring Apex's information assets are protected against evolving cyber threats.
The ideal candidate combines deep technical expertise with strong business acumen to develop security solutions that align with organizational objectives, regulatory requirements, and industry best practices.
Essential Duties and ResponsibilitiesSecurity Architecture & Design- Design and maintain enterprise-wide cybersecurity architecture aligned with business and technology strategies.
- Develop secure architectures for cloud, on-premises, hybrid, and multi-cloud environments.
- Create and maintain security standards, reference architectures, and technical design
- documents.
- Perform threat modeling and security architecture reviews for new systems, applications, and infrastructure.
- Evaluate emerging technologies and recommend security controls and solutions.
Security Engineering & Implementation- Design, implement, and optimize security controls across networks, systems, endpoints, applications, and cloud platforms.
- Lead deployment and integration of security technologies including SIEM, IDS/IPS, DLP, EDR/XDR, IAM, and vulnerability management platforms.
- Develop and automate security processes using scripting and infrastructure-as-code methodologies.
- Collaborate with infrastructure, application development, and cloud engineering teams to embed security into technology solutions.
Risk Management & Compliance- Conduct security risk assessments, vulnerability assessments, and security audits.
- Identify security gaps and develop remediation strategies.
- Ensure compliance with applicable regulatory and industry frameworks, including:
- NIST 800-53
- NIST 800-171/172
- ISO 27001
- CIS Controls
- SOC 2
- Support governance, risk, and compliance (GRC) initiatives.
Incident Response & Security Operations- Provide architectural guidance during cybersecurity incidents and investigations.
- Support incident response, threat hunting, and forensic analysis activities.
- Review security events and identify opportunities to strengthen defensive capabilities.
- Assist in developing cyber resilience and business continuity strategies.
Leadership & Collaboration- Serve as a cybersecurity subject matter expert for technical and business stakeholders.
- Mentor junior cybersecurity engineers, analysts, and administrators.
- Present security recommendations, risk assessments, and strategic initiatives to leadership.
- Partner with IT, engineering, operations, legal, and compliance teams to support enterprise security objectives.
Education RequirementsRequiredBachelor's degree in Cybersecurity, Computer Science, Information Technology, Information Systems, Computer Engineering, or a related technical field.
PreferredMaster's degree in Cybersecurity, Information Security, Computer Science, or related
discipline.
Professional Certifications (Preferred)One or more of the following:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CCSP (Certified Cloud Security Professional)
- SABSA Security Architecture Certification
- AWS Certified Security - Specialty
- Microsoft Azure Security Engineer Associate
- GIAC Security Certifications (GIAC, GSEC, GDSA, etc.)
Experience Requirements- 7-10+ years of experience in cybersecurity, information security, network security, cloud security, or related IT disciplines.
- 3-5+ years of experience designing security architectures or leading cybersecurity engineering initiatives.
- Experience implementing enterprise security controls and security frameworks.
- Experience securing cloud platforms such as AWS, Azure, or Google Cloud Platform.
Required Technical SkillsSecurity Architecture- Enterprise Security Architecture
- Zero Trust Architecture
- Secure-by-Design Principles
- Threat Modeling
- Security Control Design
- Security Roadmap Development
Network & Infrastructure Security- Firewalls
- IDS/IPS
- VPN Technologies
- Network Segmentation
- DNS Security
- TCP/IP Protocols
- Secure Network Design
Cloud Security- AWS Security Services
- Microsoft Azure Security Services
- Google Cloud Security
- Container Security
- Kubernetes Security
- Infrastructure as Code (Terraform, CloudFormation)
Identity & Access Management- Active Directory
- Entra ID (Azure AD)
- Single Sign-On (SSO)
- Multi-Factor Authentication (MFA)
- OAuth
- SAML
- Privileged Access Management (PAM)
Security Operations- SIEM Platforms (Elastic,Splunk)
- Endpoint Detection & Response (EDR/XDR)
- Vulnerability Management
- Security Monitoring
- Threat Intelligence
- Incident Response
Application Security- Secure SDLC
- DevSecOps
- Application Security Testing (SAST/DAST)
- API Security
- OWASP Top 10
- Secure Coding Practices
Programming & Automation- Python
- PowerShell
- Bash/Shell Scripting
- REST APIs
- Security Automation
Required Soft Skills- Strategic thinking and problem-solving
- Strong analytical and risk assessment capabilities
- Excellent written and verbal communication skills
- Ability to communicate complex technical concepts to non-technical audiences
- Leadership and mentoring skills
- Project and stakeholder management
- Cross-functional collaboration
- Decision-making under pressure
- Strong documentation and presentation skills
Preferred Qualifications- Experience with large-scale enterprise environments.
- Experience in regulated industries (financial services, healthcare, government, aerospace, defense, etc.).
- Experience with cloud-native security and DevSecOps practices.
- Knowledge of MITRE ATT&CK framework and threat intelligence methodologies.
- Experience supporting security audits and compliance assessments.
- Experience designing resilient and highly available security architectures.
What We Offer For Full-time Employees:- Shared upside: Receive equity in Apex, letting you benefit from the work you create
- Best-in-class healthcare: 100% company-paid medical, dental, and vision for you and your dependents, plus $100k life insurance at no cost
- Comprehensive PTO package to reset and recharge - starting at 15 days vacation, growing to 20+ days annually, plus 10 paid holidays
- Competitive 401(k) plan with generous matching - 100% match on first 3%, 50% on next 2%
- 8 weeks paid parental leave plus childcare reimbursement up to $350/day for work-related travel
- Daily catered lunch and unlimited snacks to keep you fueled throughout the day
- Vibrant community: Monthly office socials, pickleball tournaments, run club, and gatherings for you and your family
- Your dream desk setup and all the tools you need to be your most productive self
- World-class Playa Vista office with the benefit of in-person collaboration with amazing coworkers and flexibility to integrate work and life
- Real impact opportunity: Work alongside experts from aerospace, new space, and other cutting-edge industries to make a lasting difference
Ready to join a team where your contributions matter and your future is bright? Let's build something extraordinary together.
