Senior Information Security Architect
American Credit Acceptance · Spartanburg, SC · 8 mo ago
On-siteInformation TechnologyFull-time
Key Responsibilities
- Design and maintain enterprise-wide security architecture frameworks that support business objectives and risk management strategies.
- Lead the development of security reference architectures for cloud (AWS, Azure) and on-premise environments.
- Define and enforce secure coding standards and practices across development teams.
- Oversee the implementation and integration of DAST (Dynamic Application Security Testing) and SAST (Static Application Security Testing) tools into CI/CD pipelines.
- Collaborate with DevOps and engineering teams to embed security into the software development lifecycle (SDLC).
- Ensure legacy and hybrid systems are aligned with modern security standards.
- Lead risk assessments and remediation strategies for on-premise infrastructure.
- Collaborate with internal and external auditors to ensure compliance with regulatory requirements (e.g., SOX, HIPAA, PCI-DSS).
- Serve as a trusted advisor to executive leadership on security strategy and risk.
- Mentor junior architects and security engineers, fostering a culture of security-first thinking.
Required Qualifications
- 10+ years of experience in cybersecurity, with at least 5 years in a security architecture role.
- Deep expertise in application security, including hands-on experience with DAST and SAST tools (e.g., Veracode, Fortify, Burp Suite).
- Proven experience designing secure architectures in AWS and Azure environments.
- Strong understanding of network security, identity and access management, encryption, and threat modeling.
- Familiarity with on-premise infrastructure and hybrid cloud models.
- Certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or Azure Security Engineer Associate are highly desirable.
Preferred Attributes
- Excellent communication and stakeholder management skills.
- Ability to translate complex security concepts into business-friendly language.
- Experience working in regulated industries or with compliance-heavy environments.