- Company Name
- Shift Technology
- Job Title
- Senior Security Architect
- Job Description
-
Job Title: Senior Security Architect
Role Summary:
Design, implement, and govern security architecture for a complex Azure‑native SaaS platform, ensuring secure multi‑tenant solutions. Act as the lead security consultant across product, engineering, and data teams, embedding security throughout the SDLC and enforcing Zero‑Trust, defense‑in‑depth principles.
Expactations:
- Deliver architected, compliant security solutions that meet regulatory and industry standards.
- Lead threat modeling, secure coding governance, and incident response to prevent data breaches.
- Drive adoption of IaC, security‑as‑code guardrails, and automation across cloud infrastructure.
Key Responsibilities:
1. **Cloud Security Architecture**
- Define and maintain Azure security reference architecture for Windows & Kubernetes SaaS products.
- Validate and approve new service designs against security principles and compliance requirements.
- Set Azure networking standards (VNet segmentation, firewalls, private endpoints).
2. **Product & Application Security**
- Lead STRIDE threat modeling sessions with dev teams.
- Establish and enforce secure coding standards; prioritize remediation of SAST/DAST/SCA findings.
- Architect tenant isolation, data segregation, secure APIs, and authentication/authorization patterns.
3. **Data Security**
- Design data‑at‑rest and in‑transit protection for Azure SQL, Cosmos DB, Databricks, etc.
- Translate data classification policies into technical controls and Azure Key Vault solutions.
- Build secure data access with Azure VDI, DLP, and exfiltration controls.
4. **Security Engineering & Ops Enablement**
- Develop IaC and security‑as‑code guardrails to detect insecure configurations automatically.
- Escalate complex cloud security investigations to Security Operations.
- Prototype and recommend emerging cloud security technologies to evolve the program.
Required Skills:
- 7+ years in senior cloud security, product security, or architecture roles.
- Proven multi‑tenant SaaS security design on Azure.
- Deep knowledge of Zero‑Trust, least privilege, defense‑in‑depth, OWASP Top 10, STRIDE.
- Hands‑on with SAST, DAST, SCA, Azure Key Vault, Azure networking services, IaC.
- Strong communication and stakeholder facilitation skills.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
- Azure certifications (AZ‑500, AZ‑303/304) and/or CISSP highly desirable.