Cybersecurity Architect (Azure)

We are seeking an experienced Cybersecurity Architect to join a lean and highly technical cybersecurity team. This role will be responsible for defining and driving the organization's security architecture strategy across cloud and on-premises environments while remaining actively involved in implementation and operationalization.

The ideal candidate is a hands-on security professional who can translate business, regulatory, and risk requirements into practical security solutions. This individual will work closely with cybersecurity, infrastructure, cloud, and application teams to ensure security is embedded throughout the technology landscape while maintaining a pragmatic balance between security, usability, and operational efficiency.

Key Responsibilities

Security Architecture & Strategy

• Develop and maintain enterprise security architecture frameworks and technical standards.
• Design and enhance security controls across cloud and on-premises environments, ensuring a strong defense-in-depth posture.
• Lead the architecture and optimization of identity and access management, privileged access controls, secrets management, network security, and cloud security services.
• Establish secure cloud landing zones and governance frameworks within Microsoft Azure environments.
• Define endpoint security baselines and vulnerability management strategies to strengthen organizational resilience.
• Partner with technology teams to integrate security-by-design principles into infrastructure and application development initiatives.

Engineering & Project Delivery

• Provide technical leadership, architecture guidance, and design validation for security transformation projects.
• Lead complex security implementations involving areas such as SIEM/SOC platforms, endpoint detection and response, data protection, and network segmentation.
• Collaborate with project stakeholders to ensure security initiatives are delivered successfully and transitioned smoothly into operations.
• Develop technical standards, implementation guidelines, and operational documentation.

Security Operations & Risk Management

• Continuously assess emerging threats and evaluate the effectiveness of existing security controls.
• Support major incident investigations by providing advanced technical expertise and collaborating with managed security service providers.
• Conduct threat modeling exercises for new systems, applications, and infrastructure changes.
• Drive continuous improvement of the organization's security posture through proactive risk assessment and remediation efforts.

Governance, Compliance & Regulatory Alignment

• Ensure security architectures align with applicable regulatory requirements, industry standards, and cybersecurity frameworks.
• Translate audit findings, risk assessments, and security recommendations into practical engineering solutions.
• Support security assessments, penetration testing activities, and remediation planning.

Requirements

Experience

• 8–12 years of progressive experience in cybersecurity engineering, security architecture, or related disciplines.
• Proven experience designing and implementing security solutions within complex enterprise environments.
• Experience operating in regulated industries such as financial services, banking, insurance, asset management, or similar sectors is highly desirable.
• Demonstrated ability to lead technical security initiatives from design through implementation.
• Strong stakeholder management and communication skills.

Technical Expertise

• Deep hands-on experience with Microsoft security technologies, including Microsoft Defender, Identity Protection, and Microsoft security services.
• Strong expertise in Azure security architecture, cloud security controls, and Zero Trust principles.
• Solid understanding of SIEM/SOC operations, vulnerability management, endpoint security, network security, and infrastructure hardening.
• Experience designing security architectures across hybrid cloud environments.

Preferred Certifications

• CISSP, CCSP, or equivalent cybersecurity architecture certifications.
• Microsoft security certifications such as AZ-500 or Microsoft Security Administrator credentials.