Cybersecurity Architect - Cloud
Nouryon · Houston, TX · 2 wk ago
On-siteConsultingFull-time
About the job
As a Cybersecurity Cloud Architect, you will develop and maintain enterprise security architecture aligned with SABSA, NIST, and TOGAF, ensuring consistency and scalability while driving security integration across the entire delivery lifecycle.
Responsibilities
- Own the ORCA CNAPP Platform: Serve as the global technical owner, accountable for strategy, policy development, alert governance, and risk findings management across CSPM, CIEM, and CWPP.
- Drive Enterprise Cloud Architecture: Design secure reference architectures for cloud and hybrid environments, ensuring they embed Zero Trust principles and automated guardrails.
- Lead Cloud Risk & Threat Modeling: Conduct cloud-centric threat modeling and attack-path analysis to proactively identify and mitigate risks using frameworks like MITRE ATT&CK.
- Architect Cloud Identity (IAM): Govern Cloud IAM solutions, including Entra ID, Hybrid Identity, federation patterns, and modern identity standards like RBAC/ABAC and SCIM provisioning.
- Enable DevSecOps: Partner with engineering teams to embed security into CI/CD pipelines, container workloads, and Infrastructure-as-Code (IaC) to champion shift-left practices.
- Ensure Compliance: Lead efforts to maintain compliance with NIST, SOX, NIS2, and ISO 27001, providing clear guidance on regulatory and contractual security requirements.
Requirements
- Education: Bachelor’s degree in Cybersecurity, Information Security, or Computer Science.
- Experience: 10+ years in Cybersecurity Architecture, with a proven track record in cloud environments.
- Architectural Expertise: Solid foundation in enterprise frameworks such as SABSA, NIST, and TOGAF.
- Security Tooling: Deep hands-on experience with CNAPP platforms (e.g., Orca), CSPM, CIEM, and CWPP.
- Identity Management: Expertise in Azure AD / Entra ID, Conditional Access, and Zero Trust access controls.
Qualifications
- Professional certifications such as SABSA, SANS Cloud Security, or Microsoft SC-100 (Cybersecurity Architect Expert).
- Experience with Infrastructure-as-Code (Terraform, Bicep) and container/Kubernetes security.
Skills
- A strategic technical leader capable of defining and enforcing security standards at an enterprise scale.
- An influential communicator able to engage senior stakeholders, vendors, and engineering teams to drive secure outcomes.
- A proactive problem-solver who thrives in complex, fast-paced global environments by applying a Zero Trust mindset.
Benefits
- Great job and friendly coworkers.
- Plus benefits in addition to salary.
- Autonomy to shape the future of our cloud-native security posture.
Pay
- Salary details are confidential and will be discussed during the interview process.
Schedule
- This is a permanent, full-time position based in Houston, TX, reporting to the Deputy CISO.
- The role requires in-person presence and approximately 25% global travel.
Standard
- Closing date: 1 Sep 2026
- Vacancy number: N0014113
- Continent: North America
- Country: United States
- State/Region/Province: Texas
- Site: Houston
- Business: Legal
- Job area: Information Management (IT)
- Hierarchy level: Management
- Full time/part time: Fulltime
- Contract type: Permanent