Jobs · Information Technology · Texas

Associate Enterprise Security Architect

Upbound Group · Plano, TX · 1 wk ago
Information TechnologyFull-time

Key Responsibilities

  • Aid in developing and maintaining enterprise security architecture standards, patterns, reference architectures and designs (identity, network segmentation, endpoint, cloud, application, data protection, AI, etc.)
  • Aid in building the Enterprise Security Architecture framework for the company utilizing SABSA methodology at the direction of a SABSA certified architect.
  • Participate in architecture and design reviews to ensure major initiatives align with enterprise security principles, approved patterns, and business objectives.
  • Help define security requirements and controls that can be reused across teams, products, and platforms, including AI controls focused on GenAI, Agents, Agentic, MCP, RAG, etc.
  • Support the creation and maintenance of target-state security roadmaps (e.g., Zero Trust adoption, logging and detection strategy, IAM modernization, AI Security).
  • Contribute to security governance processes, including exception handling, risk acceptance support, and documenting architectural decisions.
  • Partner with Security Engineering and IT to ensure enterprise standards can be implemented operationally (pragmatic, measurable, and supportable).
  • Assist in vendor and technology evaluations to ensure tools align with architectural standards and integrate with the broader ecosystem.
  • Map security architecture to compliance frameworks and internal policies (NIST CSF, NIST AI RMF, SOC 2, ISO 27001, PCI DSS, etc.), ensuring designs support auditability.
  • Contribute to metrics and reporting on architecture adoption (pattern usage, exceptions, gaps, and roadmap progress).
  • Maintain clear architecture documentation and communicate standards to stakeholders through presentations, docs, and working sessions.

Focus Areas

  • Identity and Access Management (SSO, MFA, lifecycle automation, privileged access)
  • Network and segmentation models (Zero Trust, secure access, remote connectivity)
  • Cloud security baselines (landing zones, guardrails, policy-as-code)
  • Data classification and protection (encryption, key management, DLP, DSPM)
  • AI Security (data security and governance, model security, API, IAM, IRP)
  • Logging, monitoring, and detection architecture (SIEM strategy, telemetry standards)
  • Secure SDLC guardrails (security gates, code scanning standards, secrets management)

Required Qualifications

  • 2 to 5+ years of experience in information security, security engineering, IT, systems engineering, or related technical roles.
  • Familiarity with cloud concepts and shared responsibility (AWS, Azure, and/or GCP) and how security guardrails are implemented in cloud environments.
  • Experience with design and implementation of AI security controls for enterprise environments.
  • Ability to translate security risk into clear requirements and actionable guidance for engineering and IT teams.
  • Strong documentation and communication skills (comfortable writing standards and presenting to stakeholders).
  • Understanding of common security frameworks and control concepts (e.g., NIST CSF, NIST AI RMF, NIST 800-53, CIS Controls, OWASP, PCI/DSS, etc.).
  • Familiarity with SABSA Enterprise Security methodology.
  • Self-accountability is a must.

Preferred Qualifications

  • Exposure to enterprise architecture concepts (capability models, target-state roadmaps, architecture review boards).
  • Exposure to SABSA Enterprise Security methodology, in practice.
  • Experience contributing to Zero Trust programs, segmentation strategies, enterprise IAM modernization and enterprise AI security.
  • Familiarity with GRC processes (risk exceptions, control mapping, audit support), without being purely a compliance role.
  • Experience with security architecture modeling or diagramming (e.g., C4, ArchiMate, Visio/Lucidchart).
  • Experience in security solutions design and evaluation.

Similar jobs