Security Architect

Job Purpose

As a Security Architect, you will shape and advance the security architecture for Cloud, AI, and other emerging technology initiatives s role focuses on designing and implementing modern security solutions, ensuring that security is embedded into every product, system, and service the business builds. You will work closely with internal teams across CBTS to align security architecture with business needs and drive secure-by-design practices throughout the organization.

• Security Architecture and Design:

• Develop, implement, and maintain multilayered information security architectures, policies, and standards for cloud, AI, and modern application environments.
• Ensure security architecture aligns with industry best practices, regulatory expectations, and CBTS strategic objectives.
• Continuously evaluate and strengthen existing security frameworks to adapt to evolving threats and technologies.
• Assess and integrate new security technologies, with a focus on cloud-native security, automation, AI-driven security controls, and emerging innovations.

• Risk Assessment and Mitigation:

• Conduct security risk assessments, architecture reviews, and vulnerability assessments across cloud and application environments
• Support Red Team and threat modeling initiatives to identify and address architectural weaknesses.
• Analyze emerging threat trends adapting our security strategies accordingly.

• Business Collaboration and Regulatory Compliance:

• Partner with business units, product teams, and engineering groups to embed security throughout the development and delivery lifecycle
• Advocate for secure design principles and guide teams in adopting architectures that meet both security and business requirements
• Collaborate with vendors to evaluate cloud, AI, and infrastructure enhancements, ensuring alignment with security expectations.

• Ensure architectural decisions support compliance with relevant regulatory and industry standards such as NIST 800‑53, DISA STIGs, PCI‑DSS, SOX, and others.
• Maintain awareness of evolving compliance obligations and incorporate them into architectural patterns and controls.

Four years of college resulting in a bachelor’s degree or equivalent experience.

One of more of the following certifications (or equivalent):

• ISC2 CISSP, CISM, CCSP
• Advanced GIAC/SANS certifications - GCIH, GCIA, GCFE, GCFA, GREM, GWAPT, GPEN, GSE
• Microsoft AZ-500, AI-900, AI-102, SC-900, AZ-900

5+ years of senior-level Information Security experience focused on Security Architecture, Cloud Security, Security Engineering, or Risk Management

Hands-on experience with cloud architectures, AI-enabled systems, modern application stacks, and security technologies.

• Strong analytical skills, attention to detail, and excellent communication skills.
• Deep understanding of cloud architectures, application and web architectures, database and network security architecture.
• Knowledge of NIST 800-53 Framework, NIST AI RMF, regulatory compliance regulations - PCI-DSS, Sarbanes-Oxley, and awareness of industry standards and best practices.
• Working knowledge of modern security solutions, tooling, and architectural patterns.

• This position has no Supervisory Responsibility

Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.