A Security Architect is a senior technical leader responsible for the design and continuous evolution of CSG's security operations platforms and capabilities. Working alongside Enterprise Security Architects and a team of security engineers, this role drives the architecture of security tooling across hybrid-cloud environments and leads the design of automation and orchestration capabilities that reduce analyst toil, accelerate response and scale the effectiveness of the security operations program.
The Security Architect provides direct technical guidance to Security Operations leadership that informs strategy and investment priorities based on shifting threat landscapes and business requirements. Across the broader organization, this role serves as a trusted technical advisor to engineers, executives and cross-functional business stakeholders on security requirements and risk tradeoffs. Internally, this role mentors security engineers and analysts to develop technical depth and security maturity through architecture reviews, knowledge sharing and hands-on guidance.
We are looking for an Information Security Architect who will:
- Be the technical owner of the architecture, selection and continuous improvement of security operations platforms (SIEM/SOAR, EDR, CSPM, cloud workload protection, container security, email security gateway and UEBA) across hybrid-cloud environments. Define platform integration strategy, data pipeline design and the operational standards that govern how security tooling is deployed and maintained at enterprise scale.
- Design and lead the implementation of security automation and orchestration capabilities that reduce manual effort, accelerate detection and response and scale security operations program effectiveness through automated ticketing and findings resolution.
- Partner with Enterprise Security Architects, IT, engineering and cross-functional business stakeholders to ensure security operations requirements are embedded in platform, application and infrastructure decisions. Lead vendor evaluation and technology selection for security operations tooling while providing risk, cost and capability trade-off analysis.
- Mentor security engineers and analysts through architecture reviews, structured guidance and hands-on collaboration. Provide direct technical guidance to Security Operations leadership to inform strategy, roadmap and investment priorities.
- Analyze security systems and continuously seek improvements, through automation or otherwise.
Is this opportunity right for you? We are looking for candidates with:
- 10+ years of experience in information technology, with hands-on experience in security operations and security platform engineering in enterprise hybrid-cloud environments preferred
- 3-5 years of experience in security engineering; demonstrated experience architecting security solutions in hybrid public/private cloud environments preferred
- Proven ability to communicate complex security concepts to a wide range of audiences including engineers, executives and cross-functional business stakeholders
- Demonstrated experience mentoring security engineers and analysts to develop technical depth and security maturity through coaching, architecture reviews and hands-on knowledge transfer
- The ability to provide direct technical guidance to Security Operations leadership and translate findings into clear strategic recommendations
- Deep expertise in security operations platform architecture, including SIEM/SOAR, EDR, container security, email security gateways, ZTNA, NGFW and UEBA
- Hands-on experience designing, implementing and optimizing detection and response capabilities at enterprise scale
- Hands-on experience developing and maintaining detection content (SIEM use cases, correlation rules and alert tuning) aligned to adversary TTPs and the organization's threat model
- Hands-on experience designing and managing log ingestion pipelines, data source onboarding and log lifecycle strategy in support of detection and compliance requirements
- A working knowledge of vulnerability management platforms, attack surface management and penetration testing tooling
- A working knowledge of privileged access management (PAM) and identity threat detection and response (ITDR)
- Demonstrated experience architecting security controls across hybrid-cloud environments
- Hands-on experience with CSPM, cloud workload protection, cloud-native security services, cloud identity security, security-as-code practices and cloud compliance frameworks
- Demonstrated experience in security automation and orchestration including SOAR playbook development, API integrations and scripting (Python, Ruby, C# and/or REST APIs)
- Ability to design enterprise-grade security automation that reduces analyst toil, accelerates detection and response and scales the security operations program through automated ticketing and findings resolution
- Advanced understanding of adversary tactics, techniques and procedures (TTPs) and ability to operationalize threat intelligence into detection and response
- A working knowledge of the MITRE ATT&CK framework and its application to detection engineering and security architecture decisions
- Hands-on experience designing or maturing threat hunting capabilities, including the development of hunting hypotheses, structured hunt methodologies and translation of hunt findings into detection content
- Incident response experience, including hands-on incident management experience, is preferred
- Experience monitoring the shifting threat landscape and emerging technology trends, translating business requirements and findings into sustainable, integrated security architecture and actionable recommendations for Security Operations leadership
- Experience developing multi-year security operations technology roadmaps and leading vendor evaluation and selection
- A working knowledge of enterprise security frameworks including NIST CSF, ISO 27001 and PCI-DSS
- Familiarity with enterprise architecture methodologies (TOGAF or equivalent)
- Experience with AI/ML-driven security capabilities and their operational security implications
- Familiarity with emerging security domains including AI Security Posture Management (AISPM) and supply chain security
- The ability to read, write, speak, and understand the English language in a business environment
CSGer Perks & Benefits
- Work from Home
- Employee Belonging Groups
- Healthcare: Dental, Medical, and Vision
- Paid Vacation, Volunteer, and Holiday Time Off
- And so much more!
Please submit your application at csgi.com/careers. Applications will be accepted for at least 5 days from original posting date.
Position Pay Range: This range represents the low and high end of the salary range for this position. Actual salaries will vary based on factors including but not limited to geographical location and experience.
$108,943.17-$174,305.43
This role is eligible for a bonus opportunity.
Location(s): United States Remote