Enterprise Cyber Security Solution Architect

Enterprise Cyber Security Solution Architect Location: North Tampa, FL (Hybrid) **NOTE-No Corp. to Corp. and Must be Local to Tampa to be considered. Must legally be able to work in the United States for any employer effective immediately. Overview The Enterprise Cyber Security Solution Architect is responsible for designing, maturing, and governing enterprise-wide cybersecurity solutions that protect critical information assets and infrastructure. This role serves as a solution architect and technical authority , defining future-state architectures, security standards, and multi-year roadmaps, while partnering with engineering teams, system integrators, and Managed Security Service providers (MSS) for execution and operations. The position provides architectural leadership across: Identity & Access Management (IAM/IGA) Privileged Access Management (PAM) Application Security Public Key Infrastructure (PKI) Note: This is an architecture-focused role and does not involve hands‑on implementation or day‑to‑day administration. Qualifications (Summary) Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field (or equivalent experience) 8+ years of cybersecurity or IT experience with strong architecture exposure Demonstrated expertise across IAM/IGA, PAM, DLP, Application Security, and PKI Strong communication, documentation, and strategic planning skills Certifications Required: Two cybersecurity certifications (or ability to obtain within 1 year) from recognized vendors (e.g., (ISC)², GIAC, ISACA, CompTIA, EC‑Council) Preferred: ITIL v3 Certifications such as: CISSP, CISM, CISA, CRISC, CEH, GIAC, OSCP, SSCP (or similar) Experience 8+ years of experience in cybersecurity or IT, including: Security architecture Risk analysis and security assessments Systems or infrastructure security Data protection (DLP/FIM) Knowledge, Skills & Abilities Expert-level understanding of cybersecurity architecture and best practices Strong knowledge of: Threat landscape, vulnerabilities, and risk management IAM, data protection, application, and infrastructure security Enterprise architecture frameworks and models Security frameworks (e.g., NIST, ISO 27001) Experience with: SIEM, IDS/IPS, endpoint protection, and threat intelligence tools Risk assessments and vulnerability analysis Strong analytical, problem‑solving, and communication skills Ability to work across technical and non‑technical stakeholders Adaptability to evolving technologies, threats, and regulatory requirements Working Conditions Standard office environment Occasional after‑hours, weekend work, and on‑call participation Physical Requirements Standard office‑related physical demands Primary Duties & Responsibilities Identity Management & Identity Governance (IAM / IGA) – 35% Define and maintain IAM/IGA reference architectures, standards, and roadmaps aligned with Zero Trust and least privilege principles Provide architecture leadership for Microsoft Entra ID (passwordless authentication, Conditional Access, SSO, identity federation) Architect and mature Saviynt IGA capabilities (RBAC, role catalog, entitlement management, access certifications) Design identity controls to mitigate BYOD risk using Conditional Access and device trust strategies Lead integrations with enterprise platforms (e.g., PAM tools, ITSM, ERP systems) Govern non‑human/workload identities in coordination with IAM and PAM platforms Privileged Access Management (PAM – CyberArk) – 25% Serve as the enterprise PAM solution architect and design authority Define and lead the PAM maturity roadmap (pilot → enterprise rollout → MSS transition) Architect advanced capabilities including: Privileged session recording Secure credential access Establish PAM architectures across on‑prem, cloud, hybrid, and distributed environments Provide governance oversight to ensure scalable, secure, and compliant implementations Lead architecture for enterprise DLP capabilities Define data classification, labeling, and protection strategies across: Email Data at rest Align DLP with IAM, Conditional Access, and data governance requirements Partner with Legal, Compliance, and Risk teams to meet regulatory and privacy standards Application Security (Architecture & Secure SDLC) – 15% Define secure application architectures and secure coding standards Integrate security into the Software Development Lifecycle (SDLC) Provide guidance on authentication, authorization, and secure data handling Support security architecture reviews and risk assessments for critical systems PKI & Certificate Management – 5% Provide governance for PKI and certificate lifecycle management Define standards for certificate issuance, renewal, revocation, and automation Support certificate‑based authentication and passwordless initiatives Cyber Defense & Security Governance – 5% Contribute to architecture and governance of threat detection and response capabilities Support development of security standards, policies, and control frameworks Act as a trusted advisor in security architecture and enterprise risk discussions Relationships Internal: Information Security, Enterprise Architecture, IAM/IGA teams, Application Development, Infrastructure, Cloud, Risk, Compliance, Audit, Executive Leadership External: System Integrators, Security Vendors, Managed Security Service Providers, Auditors, Industry Partners #J-18808-Ljbffr