Cybersecurity Architect

Cybersecurity Architect Date: Mar 27, 2026 Location: Cary, NC, US; Overland Park, KS, US Company: Black & Veatch Family of Companies (Black & Veatch Corporation) Opportunity Type: Staff Why Black & Veatch Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation, 401K match and benefits that start day one. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use. The Opportunity The Cybersecurity Architect is a key senior role focused on defining, designing, and maintaining the organization’s enterprise‑wide security architecture to align with business goals, risk strategies, and evolving threats. Core Responsibilities Develop and maintain a comprehensive security architecture strategy, including plans, roadmaps, processes, and artifacts that translate business objectives, technology needs, and threat landscapes into actionable, aligned security solutions for cloud, on‑premise, and hybrid environments. Monitor emerging digital business changes and threat developments; update security strategies, architectures, and reference designs accordingly; validate IT infrastructure, configurations, and tools against best practices; recommend enhancements to mitigate risks. Collaborate with stakeholders—including enterprise architects, system owners, security engineers, vendors, operational teams, and the CISO—to assess and integrate security controls (system‑specific, hybrid, common); evaluate third‑party SOWs, audit reports, and provider controls; coordinate security for OT/IoT systems; serve as primary liaison for control allocation and assurance. The Team Black & Veatch’s Business Enablement consists of critical groups that help enable the organization’s people, projects, and businesses to be as successful as possible. Functions in this group include Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services. Key Responsibilities Establish baseline security configuration standards for operating systems, network segmentation, least‑privilege access, and identity and access management (IAM); review and validate network segmentation designs. Define and maintain standards and procedures for data encryption, tokenization, and protection of sensitive data, aligned with organizational data classification; collaborate with privacy teams to map data flows and recommend appropriate controls. Draft, document, and maintain security policies, standards, procedures, and architecture artifacts; submit for executive/CISO review and approval; ensure integration throughout the acquisition lifecycle and system development. Conduct threat modeling for applications, services, and systems based on associated risks and data sensitivity; identify architecture gaps, perform security reviews, and develop risk management plans to address vulnerabilities. Stay current on emerging security technologies, threats, trends, and best practices; evaluate new tools, services, and vendors; provide recommendations to the security team based on security, cost, and operational considerations. Collaborate with DevOps, development, and project teams to promote secure coding practices, participate in application/infrastructure projects, advise on security planning, and raise issues to the CISO. Support security testing, validation, and internal audits of controls; liaise with internal audit, vendor management, and other security practitioners to assess vendor risks, review SOWs/audits, and share best practices. Analyze the security impact of new systems, interfaces, or changes on the existing environment; recommend enhancements to maintain or improve overall security posture. Management Responsibilities Supervises work of others. Responsible for hiring, discipline, and pay administration of subordinates. Preferred Qualifications Hands‑on expertise managing security infrastructure: firewalls, IPS, WAFs, endpoint protection, SIEM, and log management. Proven track record building enterprise AI security frameworks and controls for generative AI, LLMs, federated learning, and AI supply chain risks. Direct experience securing applications and infrastructure in public clouds (AWS, Azure). Practical design and implementation of IAM technologies and services. Excellent communication skills: able to translate complex security topics into clear business language; strong written and verbal presentation skills to stakeholders. Minimum Qualifications Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Network Engineering, or a closely related field. 8‑10+ years in InfoSec or Information Technology with a significant portion in cybersecurity. All applicants must be able to complete pre‑employment onboarding requirements (if selected) which may include background checks, drug screening, and motor vehicle records search, in compliance with applicable laws and regulations. Certifications CISSP, CISM, CCSP, CEH, or similar with a Cybersecurity emphasis. Work Environment/Physical Demands Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance, and work assignments. Job Grade 018 Equal Employment Opportunity (EEO) Statement BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender identity and expression, disability, veteran status, pregnancy status, or other status protected by law. For our EEO Policy Statement, please click here. #J-18808-Ljbffr