Security Architect

Join Forcepoints Infrastructure Security team within the CISO organization as a Security Architect and play a key role in implementing organization-wide security strategy across our corporate infrastructure. You will own and administer the CISO securitytool stack design and implement security measures across endpoint cloud identity email and network environments conduct security reviews and risk assessments and serve as a technical security partner to IT Engineering DevOps and Cloud Operations teams.Thisroleisgrounded in securityarchitecture and designwith direct platform ownership to ensure architectural decisions are operationally grounded. It requiresa practitionerwith broad commandacross the full IT stackspanning endpoint cloud identity network and application domains who can connect security strategy to execution across all layers of the environment.AI is a first-class tool in this role: you are expected to use it actively in your day-to-day work and to understand the security risks it introduces.

Key Responsibilities

• Platform Administration & Operations

• Own and administer CISO-managed security platforms including EDR/XDR CSPM DSPM DLP Web/Email Security and EASM tools.

• Maintain platform health coverage and configuration; identify and implement tuning and optimization opportunities to improve detection posture and operational efficiency.

• Build and maintain automation workflows and scripts to reduce manual effort and improve response capabilities.

• Security Architecture & Design

• Assess the corporate and cloud environment to identify security gaps recommend improvements and design controls that reduce risk across endpoint identity cloud and network domains.

• Develop and maintain security architecture documentation reference designs and technical standards that guide consistent security decision-making across the organization.

• Evaluate new and existing security technologies; provide recommendations on adoption integration and configuration aligned with the teams strategic direction.

• Cloud Vulnerability & Exposure Management

• Assess and advise on cloud security posture across AWS and Azure environments; partner with the relevant cloud and infrastructure teams to track and drive remediation of misconfigurations and findings within defined SLAs.

• Oversee vulnerability management and continuous threat exposure management (CTEM) coverage; work with IT and engineering teams to prioritize and close findings based on exploitability and business impact; report status to Security leadership.

• Identity & Access Management

• Assess and advise on identity and access controls across the corporate environment including SSO MFA conditional access and privileged access management.

• Identify identity-related risks and recommend architectural improvements; support remediation efforts in partnership with IT.

• Cross-functional Collaboration

• Serve as a primary security technical partner to IT Engineering DevOps and Cloud Operations teams on infrastructure-related initiatives; provide architectural guidance and hands-on support and act as a focal point for infrastructure security discussions across these teams.

• Support the SOC team throughout the incident lifecycle by providing architectural context that informs containment decisions and drives systematic infrastructure improvements through completion.

• Provide technical security support to the GRC team on compliance evidence customer security questionnaires and audit activities; provide technical security support to the AppSec team on responsible disclosure handling and external vulnerability research engagement.

• Contribute to security strategy and roadmap discussions led by the CISO and Sr. Manager Cybersecurity Architecture & Security Operations; provide technical input that shapes prioritization and execution.

• Track and drive infrastructure security workstreams through to completion; document progress follow up on commitments and coordinate stakeholders across teams to keep work moving.

• Provide customer-perspective feedback to Forcepoint Engineering and Product Management on Forcepoint products in use within the corporate environment; test new features for fit before internal rollout (this is not a QA function).

• AI Usage

• Actively use AI tools in daily work to accelerate research scripting documentation and analysis; apply sound judgment about data handling and appropriate use.

• Stay current on AI-specific security risks and contribute to internal AI governance and acceptable use practices.

Qualifications

• 5 years of IT experience with at least 3 years in a dedicated security role.

• Hands-on background spanning security and at least one adjacent IT or software engineering discipline: systems administration network administration cloud infrastructure application security DevSecOps or application support. Breadth across the IT stack is more valuable than deep specialization in a single area.

• Experience administering and operating multiple enterprise security platforms in production environments.

• Familiarity with AWS and/or Azure security services and cloud security concepts.

• Strong written and verbal communication skills; able to translate technical findings into clear risk language for a range of audiences.

• Active daily use of AI tools with demonstrated ability to apply them responsibly and effectively.

Preferred Skills

• Experience with Forcepoint security products (Cloud Web Cloud Email DLP DSPM) or comparable enterprise platforms.

• Familiarity with CrowdStrike Falcon across EDR Identity Protection and Cloud Security modules.

• Experience working alongsideIT Cloud OperationsDevOpsSOC GRC or AppSec teams in a technical advisory or support capacity.

• Security certifications such as CISSP CCSP AWS Security Specialty CISM or GIAC are preferred but not required.

Education

A bachelors degree in Computer Science Information Technology Information Security or a related field is preferred. Equivalent professional experience demonstrating the required technical depth and breadth will be considered in lieu of a degree.

Location & Work Model

• Primary location: Cork Ireland.

• Hybrid work model with occasional travel (<10%).