Sr Security Architect - Remote US
About the role
SitusAMC is a leading independent provider of technology, strategic outsourcing, talent and advisory solutions to the commercial and residential real estate finance industries. We help clients identify and capture opportunities in their real estate businesses through industry-leading services and innovative technologies that drive operational efficiency, increase business effectiveness, and improve market agility across the entire lifecycle of their global real estate activity.
Responsibilities
- Support the implementation of secure architecture patterns across AWS and Microsoft Azure environments
- Support deployment and operationalization of CNAPP/CSPM platform
- Drive cloud security posture improvements by integrating CNAPP with Cloud-native tools (e.g., GuardDuty, Security Hub, IAM, KMS, CloudTrail) and Azure security capabilities
- Partner with Security Operations to automate and integrate with MSSP and SOAR automation response principles
- Partner with engineering and development teams to embed application security (AppSec) controls into development and deployment pipelines
- Lead and support vulnerability management and patching programs across infrastructure and applications
- Contribute to security architecture reviews, threat modeling, and design validation
- Support implementation and optimization of IAM, PAM, and least-privilege access models
- Collaborate with SecOps team to integrate telemetry into SIEM platforms for monitoring and detection
- Support in the development and maintainance of secure configuration baselines and reference architectures
- Help drive patching strategy for servers, endpoints, and cloud workloads
- Conduct architecture reviews and document security requirements
- Partner directly with engineering leaders to bake security into product roadmaps
- Stay up-to-date with the latest security trends, threats, and technologies to continuously improve our security posture
- Help drive a culture of zero trust security across engineering, development, and product teams
Requirements
- Bachelor’s degree in a technical field from an accredited college/university, or equivalent job experience
- Minimum of 6+ years of industry and/or relevant experience, typically with 1+ years in a Senior Associate level role or external equivalent
- Experience in cybersecurity, cloud security, or security engineering, including demonstrated experience operating at a senior or lead level
- Relevant certifications such as CISSP, CEH, GIAC, ISSAP or other relevant security-focused certifications preferred
- Hands-on experience securing AWS and/or Azure environments
- Working knowledge of CNAPP/CSPM platforms
- Experience with vulnerability scanning, remediation tracking, and patch management processes
- Familiarity with application security principles (SAST, DAST, secure SDLC, threat modeling)
- Experience with IAM, PAM, and access governance concepts
- Exposure to SIEM and security monitoring integration
- Knowledge of Zero Trust architecture principles
- Understanding of network segmentation, VPN, Conditional Access, and cloud networking fundamentals
- Proficiency in scripting and automation (e.g., Python, PowerShell, Terraform)
- Familiarity with container security technologies (Docker, Kubernetes) and infrastructure as code (IaC) tooling
- Knowledge of encryption and key management practices
- Strong communication skills and ability to work with both technical and non-technical stakeholders
- Highly motivated self-starter that can manage multiple deliverables independently in a fast-paced environment
Qualifications
- Relevant certifications such as CISSP, CEH, GIAC, ISSAP or other relevant security-focused certifications preferred
- Hands-on experience securing AWS and/or Azure environments
- Working knowledge of CNAPP/CSPM platforms
- Experience with vulnerability scanning, remediation tracking, and patch management processes
- Familiarity with application security principles (SAST, DAST, secure SDLC, threat modeling)
- Experience with IAM, PAM, and access governance concepts
- Exposure to SIEM and security monitoring integration
- Knowledge of Zero Trust architecture principles
- Understanding of network segmentation, VPN, Conditional Access, and cloud networking fundamentals
- Proficiency in scripting and automation (e.g., Python, PowerShell, Terraform)
- Familiarity with container security technologies (Docker, Kubernetes) and infrastructure as code (IaC) tooling
- Knowledge of encryption and key management practices
- Strong communication skills and ability to work with both technical and non-technical stakeholders
- Highly motivated self-starter that can manage multiple deliverables independently in a fast-paced environment
Benefits
- Paid holidays
- PTO
- Medical, dental, and vision insurance
- Disability insurance
- 401(k) plan
Pay
The annual full time base salary range for this role is $115,000.00 - $135,000.00. Specific compensation is determined through interviews and a review of relevant education, experience, training, skills, geographic location and alignment with market data. Additionally, certain positions may be eligible to receive a discretionary bonus as determined by bonus program guidelines, position eligibility and SitusAMC Senior Management approval.
Schedule
This role is available on a remote basis.