Global Cybersecurity Principal Domain Architect - Core Infrastructure

Department Overview

The Global Cybersecurity Principal Domain Architect – Core Infrastructure will serve as a technical authority for the Network, Cloud and End-User cybersecurity architecture, leading the design and governance of security solutions across the enterprise. This position ensures alignment with business objectives, enterprise architecture, and cybersecurity strategy while driving innovation and reducing risk. The Domain Architect will participate in the Architecture Review Board for cybersecurity and collaborate with other domain architects to define and enforce security standards, reference architectures, and PSPGs (Policies, Standards, Procedures, and Guidelines).

Accountabilities & Responsibilities:

· Own the Global Cyber Security Core Infrastructure architecture domain, ensuring end-to-end accountabilities for all initiatives.

· Make major architectural decisions and resolve domain-level technical challenges.

· Align security architecture with business objectives, enterprise architecture, technical strategy and cybersecurity strategy.

· Collaborate with management and additional experts in various subject areas to uphold a cohesive security posture.

· Advocate for secure-by-design and secure-by-default principles and influence adoption across teams.

· Establish and maintain a risk-weighted technical debt register for the Core Infrastructure domain; quantify impact and drive remediation with product leaders.

· Collaborate with engineering and product teams to ensure prioritization and secure implementation of solutions.

· Approve and ensure the production of architecture artifacts, security models, and design patterns.

· Co-create and maintain domain reference architectures and contribute to Policies, Standards, Procedures & Guidelines (PSPGs) using approved templates and governance lifecycle.

· Evangelize cybersecurity priorities and translate PSPGs/reference architectures into reusable patterns and guidance adopted by infrastructure, product and platform teams.

· Improve visibility of business risks by conducting threat modeling, mapping controls, and performing risk assessments.

· Provide architectural oversight for major initiatives from design through deployment.

· Act as a resident chair member, offering guidance on architectural decisions for cybersecurity initiatives.

· Stay current on emerging technologies, evolving threats, and industry trends to proactively shape and strengthen the security strategy.

· Mentor senior architects and engineers, improving security architecture practices.

· Conduct risk assessments and ensure compliance with frameworks like NIST CSF, ISO 27001, and PCI DSS.

Qualifications

· Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field with equivalent experience accepted.

· 12+ years in information security, with at least 5 years in security architecture roles.

· Certifications such as CISSP, CISM, SABSA, TOGAF, or equivalent.

· In-depth technical expertise in the Core Infrastructure domain areas, encompassing Cloud Security (AWS, Azure, GCP, OCI, CSPM, RBAC, MFA, SSO, PAM, VMs, containers, storage, network, host and OS hardening, KMS, DLP, SDLC, logging, monitoring, compliance, governance, etc), Network Security (firewall, SSE, VPNs, remote access, proxy, IDS, IPS, DMZ, segmentation, zero trust, DNS, routing, switching, wireless, branch network, hub and spoke architecture, TLS/SSL, IPsec,

NAC, MACsec, NDR, IoT, OT, monitoring, logging, etc.) and End User technologies (Microsoft, Apple, Android, laptops, smartphones, tablets, virtual desktops, wearables, peripherals, productivity suite, collaboration tools, email, EDR, MDM, DLP, disk encryption, storage, remote desktop support, Intune, DEM, video-conferencing, asset inventory, etc).

· Technical expertise with identity and access management, data protection, encryption, Dev/Sec/Ops, application security, platform security, IoT security and OT security.

· Proven experience designing security for cloud, hybrid, and on-prem environments.

· Deep knowledge of security frameworks (NIST, ISO 27001) and the ability to translate frameworks into enforceable enterprise standards and measurable outcomes.

· Experience working in an Agile environment with a Scrum Master, Daily Scrum meetings, Backlogs, Sprints, and written Stories and deliverables. Familiar with documentation process and tools, JIRA and Confluence preferred.

· Demonstrated results reducing risk and security technical debt while accelerating delivery.

· Outstanding communication and influence skills; ability to simplify complexity for senior leadership (E.g. CISO, CIO and CTO), guide distributed teams and resolve conflict.

· Strong analytical skills to critically evaluate information gathered from multiple sources; diligent, with excellent problem-solving skills.

· Ability to conduct research into issues, solutions, products and evaluate new technologies, translating them into roadmaps and leadership presentation materials.

· Ability to understand business challenges, drive process improvements and translate into solutions.

· Comfortable with ambiguity and ability to navigate uncertainty.

· Naturally elevates others and builds a culture of belonging through engaging high-performing teams.

Compensation

Bonus Eligible: Yes

Long - Term Incentive: Yes

Benefits Eligible: Yes

Salary Range

The expected salary range for this role is $168,350.00 - $218,860.00 per year
 
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.