We're looking for a Sr. Security Architect who believes that great security enables the business - it doesn't block it. In our Enterprise Information Security team, we don't operate as the house of no. We're the house of yes, and here's how: yes to moving fast, yes to bold initiatives, yes to innovation - and we're the team that helps the business understand how to do all of it safely and with clear eyes on risk.
This is one of the most impactful roles in our security organization. You'll sit at the intersection of business strategy and technical security, helping teams across the company move quickly while making smart, calculated risk decisions. You won't just enforce policy - you'll be a trusted partner who understands what the business is trying to accomplish, negotiates practical paths forward, and finds creative solutions that let the organization take calculated risks confidently.
You'll move fluidly between deep technical work and high-level strategy - designing cloud security architecture one day, presenting a roadmap to leadership the next. You'll partner closely with SRE and development teams, lead our network penetration testing program, and help the broader organization navigate increasingly complex security challenges, including the emerging frontier of AI and agentic systems.
This is a remote position with travel required twice a year for team gatherings.
Key Responsibilities & Duties:
Business Partnership & Risk Enablement
Act as a genuine business partner, not a gatekeeper. Engage with teams early in the process to understand what they're trying to build and why - then help them get there securely. Translate complex security risks into clear business language so stakeholders can make informed, confident decisions. Negotiate practical solutions that balance business velocity with security best practices, and build a reputation as the team that finds a way forward rather than the team that says no.
Security Initiative Lifecycle & Cross-Team Handoff
Own security initiatives end to end - from gap identification and solution selection through implementation and handoff. Every initiative includes a deliberate transition plan: security engineering takes over ongoing platform operations, and security operations owns downstream alerting and detection. Collaborate with both teams throughout, not just at the finish line.
Security Strategy & Innovation
Own the development and execution of a forward-looking, cloud-first security architecture vision. Identify gaps in our current security posture and research emerging technologies - including AI/agentic security - to keep us ahead of the curve. Build practical tools and agents that reduce friction for internal teams, such as helping users understand permission requirements for new projects.
Framework Governance & Standards
Lead the company's formal adoption of NIST CSF 2.0 and the NIST AI Risk Management Framework. Conduct gap analyses, map current controls, and build cross-functional alignment on a clear adoption plan. Champion standardized security architecture frameworks to continuously mature our security discipline.
Cloud Identity & Infrastructure Security
Define and maintain Terraform-based configuration standards and modern identity management practices. Drive the migration to AWS IAM Identity Center and advance our "secure-by-design" infrastructure posture through Policy-as-Code. Ensure data and application security are foundational - not afterthoughts - in everything we build.
Threat Management & Vulnerability Governance
Formalize and run a threat modeling program that integrates security into the design phase of every new initiative. Support the CI/CD security gating process to ensure only secure container images reach production, and deliver focused, actionable vulnerability reporting that helps remediation teams prioritize what actually matters.
Penetration Testing Program Management
Manage our network penetration testing program, coordinating approximately five third-party engagements per year. Ensure tests are well-scoped, run on schedule, and that findings are translated into clear, prioritized remediation readouts delivered to the right technology owners.
Technical Leadership & Mentorship
Design cybersecurity solutions that align with enterprise policy while being practical enough for teams to actually implement. Coach and mentor technical staff across the company in cybersecurity disciplines. Provide hands-on consulting to development and SRE teams on critical projects, and help rally InfoSec partners to ensure security requirements stay prioritized in cross-functional work.
Security Awareness & Policy
Raise the security awareness bar across the enterprise through ongoing education and communication. Contribute meaningful input to policies and security control configurations, and develop technical solutions and tooling that automate repeatable tasks and reduce vulnerability exposure.
Qualifications:
- 8+ years of proven experience as a security architect
- Deep expertise in cloud platforms, specifically AWS and/or GCP
- Proficiency with security tools and technologies including Wiz and Cloudflare
- Strong command of security architecture frameworks such as NIST CSF 2.0 and NIST AI RMF
- Experience building and maintaining security systems with a focus on data and application security
- Hands-on background with firewalls, intrusion detection systems, authentication systems, log management, anti-virus, and content filtering
- Solid knowledge of network configurations, devices, and security monitoring tools
- Up-to-date understanding of the latest security principles, techniques, and protocols
- Familiarity with web technologies, web services, and service-oriented architectures and their associated protocols
- Proven ability to negotiate and influence - you can push back when needed, find creative middle ground, and bring stakeholders along without creating friction
- Strong business acumen - you understand how companies operate, what drives decision-making, and how to frame security in terms of business risk and opportunity
- Strong leadership presence - you can influence and drive cultural change toward security-first thinking
- Exceptional communicator, equally comfortable presenting technical concepts to engineers and translating risk for business leaders
- BS in Computer Science or a related field, or an additional 3 years of equivalent experience
Desired Skills:
- Experience in financial services, with an understanding of the sector's unique regulatory and security landscape
- CISSP, CCSP, or CISM certification
- Hands-on experience integrating security into CI/CD pipelines and automating continuous security validation
- Advanced knowledge of data protection, encryption methods, and privacy regulations such as GDPR and CCPA
- Proficiency in risk identification, assessment, and mitigation strategy development
- Familiarity with Zero Trust architecture and the application of AI/ML in cybersecurity contexts
- Track record of effective collaboration across development, operations, legal, and executive leadership - including a history of finding yes when others defaulted to no
The salary range for this position is: $128,000 - $160,000 + Bonus
Cool Things to Know
Not Just Any Company: Alkami has an awesome diverse and inclusive environment. We have a FUN culture and offer great benefits, including remote-first environment, unlimited paid time off, 401(k) with employer match, and more.
Work Authorization: We cannot offer employment sponsorship at this time. Candidates must be eligible to work in the US for full-time employment.
Recruiters: We are not looking for outside recruiting firms to help us in this search. Thank you for understanding.
Pay Transparency: As of January 1, 2023, new states and locales have enacted pay equity laws that require more pay transparency by employers in the following states: California, Colorado (effective January 1, 2021), Connecticut, Maryland, Nevada, New Jersey, New York, Ohio, Rhode Island and Washington.