We are seeking a visionary Information Security & Data Privacy Architect to join our cybersecurity leadership team and shape the future of secure innovation across the enterprise. Reporting to the Director of Information Security, this senior role is responsible for designing resilient, scalable, and business‑centric security architectures that protect the organization’s data and systems—while empowering the business to operate, grow, and innovate.

This position partners across ITS, enterprise architecture, cloud engineering, application development, security operations, internal audit, legal, and compliance. The ideal candidate is both a strategist and a hands-on expert—deeply technical, forward‑thinking, and motivated by solving complex security and privacy challenges.

What You’ll Do

Security Architecture, Data Privacy & Innovation

• Stay ahead of emerging security threats; assess enterprise systems and data to ensure robust defense.
• Evaluate cutting-edge and disruptive cybersecurity technologies and influence leadership on adoption strategies.
• Design, validate, and guide deployment of secure solutions that balance data protection, risk, and business value.
• Lead security and privacy architecture across public, private, and hybrid cloud environments (AWS/Azure).
• Architect secure business‑to‑business integrations, third‑party solutions, vendor ecosystems, and outsourced services.

AI/ML Security & Responsible Data Use

• Own the full-lifecycle security architecture for AI/ML systems, including:
  • Secure data ingestion
  • Controlled model development, training & deployment
  • MLOps/DevSecOps integrations
  • Model integrity, privacy risk assessments & secure inference
• Build automated controls that reduce model poisoning, data exfiltration, and AI misuse.
• Ensure compliance with evolving data privacy and AI regulations.

Governance, Compliance & Risk

• Partner with legal, risk, and compliance teams to ensure adherence to regulatory and ethical requirements (privacy laws, AI regulations, internal risk frameworks).
• Develop and maintain security and data privacy standards, policies, procedures, and processes.
• Influence and participate in incident response planning and post-incident reviews, establishing measurable benchmarks.

DevSecOps, Engineering Excellence & Leadership

• Apply a DevSecOps mindset focused on automation, operational efficiency, and scalable architecture.
• Drive security automation that increases team capacity for advanced work and reduces manual workload.
• Stress-test security controls and platforms to validate performance while protecting business operations.
• Coach, mentor, and lead engineering, development, and business partners on security-by-design and privacy-by-design principles.

What You Bring

Required Experience & Technical Expertise

• 10+ years in cybersecurity including risk, compliance, and security engineering.
• Strong experience architecting enterprise security and privacy solutions across datacenters and public, private, and hybrid cloud environments (AWS or Azure preferred).
• Proven background (5+ years preferred) in enterprise technology design, implementation, and delivery.
• Deep expertise in cloud computing—SaaS, PaaS, IaaS—and modern cloud security architectures.
• Mastery of cybersecurity controls including SIEM, IDS/IPS, IAM, PKI, EDR, threat intelligence platforms, and security automation/orchestration.
• Solid understanding of risk and compliance frameworks such as NIST, ISO 27001, PCI DSS, and privacy regulations.
• Experience designing secure AI/ML systems and mapping controls to risk and regulatory frameworks.
• Ability to translate cybersecurity and privacy risks for technical and non-technical executives.
• Experience architecting SIEM, threat intelligence platforms, SOAR, IDS/IPS, FIM, DLP, and enterprise monitoring tools.
• Demonstrated ability to lead, mentor, influence, and communicate clearly across diverse engineering and business teams.

Additional Qualifications

• Experience with AWS or Azure cloud security tools and architectures.
• AI/ML security experience, including model governance and secure MLOps.
• Proficiency in scripting languages such as Python, PowerShell, JavaScript, PHP, or Ruby.
• DevOps/DevSecOps background with compliance-driven engineering practices.
• Knowledge of: ISO 27001, NIST, PCI DSS, HIPAA, HITECH, GDPR, CIS, SOC 2, and state privacy laws.
• Strong strategic and tactical decision-making capabilities.
• Highly trustworthy and leads with integrity and professionalism.