Principal Security Architect

Job Description

ComResource is looking for a Principal Security Analyst.

We need someone to assist in designing, testing, implementing, and maintaining secure systems across both on-premise and cloud environments. This role will lead initiatives to enhance security posture, evaluate system vulnerabilities, and ensure best practices are embedded in architectural designs.

Responsibilities:

1. Plan, research, and design secure IT architectures for cloud and on-prem environments.
2. Review and enhance existing security measures, identifying weaknesses and areas for improvement.
3. Oversee the installation requirements and validation for LANs, WANs, VPNs, routers, firewalls, and related network infrastructure.
4. Develop and test security systems, establish disaster recovery procedures, and respond to security incidents.
5. Provide expert guidance on new projects, including secure development principles and architecture.
6. Evaluate system changes for risk, document impacts, and propose mitigation strategies.
7. Design and implement security controls that align with frameworks such as NIST, OWASP, and PCI DSS.
8. Perform threat modeling, code reviews, and risk assessments on deployed applications.
9. Collaborate with internal teams to drive continuous improvement and automation.
10. Monitor and respond to emerging threats, technologies, and vulnerabilities.
11. Lead complex projects, mentor security team members, and promote a culture of security awareness.
12. Support budgeting, forecasting, and cost models for security services and architecture initiatives.

Essentials:

1. Bachelor’s degree in Computer Science, Information Systems, or related field.
2. 7–10 years of experience in security architecture and engineering.
3. CISSP or CCSP certification required; additional certifications such as CISA or CISM are a plus.
4. Expertise in secure systems design, application security, cloud deployments (Azure & AWS), and SDLC/DevOps.
5. Familiarity with security controls including firewalls, IDS/IPS, SIEM, DLP, endpoint monitoring, and vulnerability management tools.
6. Strong understanding of frameworks like NIST 800-53/171, GDPR, CCPA, OWASP.
7. Experience with architecture principles (e.g., SABSA, TOGAF) and methodologies (Agile, Waterfall, Hybrid).
8. Technical knowledge of Kubernetes, APIs, containers, CI/CD pipelines, and infrastructure as code (IaC).
9. Exceptional verbal and written communication skills, with the ability to articulate complex security concepts.

Desired:

• Demonstrated ability to influence across technical and executive teams.
• Proven leadership on enterprise-wide security initiatives.
• Experience with forensic investigations, user training, and cloud security solutions.
• Ability to manage competing priorities and foster collaboration across IT teams.
• Track record of developing scalable, compliant security solutions and policies.

Req ID: AM44809344