Staff Security Architect, Enterprise
Staff Security Architect, Enterprise
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
About The role
SoFi Cybersecurity Architecture team assists and partners with engineering product and design organizations. Our mission is to build a secure and resilient enterprise that protects our employees customers and business operations. By embedding security into our infrastructure cloud environments and enterprise systems we safeguard critical assets while enabling the business to operate efficiently and securely.
As a Staff Security Architect you will be responsible for the end-to-end security architecture of our platforms products and corporate services. You will work in conjunction with security compliance and risk teams to make decisions and help lead initiatives to ensure timely delivery of security solutions that support our business objectives.
The ideal candidate will be highly collaborative balancing the right level of security with business objectives and working to creatively solve complex Corporate Security related problems in an agile environment.
What youll do:
Be an Cybersecurity architect evangelist who can translate security concepts into language that is meaningful to our IT teams and engineering. Design and implement security architectures that align with business needs while ensuring robust protection across corporate environments.
Architect and lead the implementation of a Zero Trust security model ensuring secure access across users devices and services.
Own and evolve IAM and PAM strategy leveraging tools like Okta Azure AD and centralized secrets management to enforce least-privilege access.
Architect and oversee the enterprise-wide endpoint security strategy integrating solutions like CrowdStrike JAMF and Microsoft Defender to ensure consistent protection visibility and policy enforcement across all device platforms.
Lead the design and rollout of network security controls using Zscaler (ZTNA SWG) microsegmentation and secure remote access patterns.
Partner with engineering IT and compliance teams to embed security into infrastructure device management and enterprise tooling.
Conduct architecture reviews threat modeling and drive remediation plans across cloud and on-prem systems.
Build and automate security guardrails into CI/CD and infrastructure pipelinesSecurity as Code.
Continuously evaluate emerging threats tools and technologies translating insight into actionable strategy.
What youll need:
Designed and implemented AWS-native security architectures with deep hands-on experience in IAM KMS GuardDuty Security Hub WAF and enforcing least privilege across multi-account environments.
Led Zero Trust strategy and execution including identity-based access device posture enforcement and network segmentation across hybrid environments.
Architected enterprise-wide IAM and PAM solutions using Okta Azure AD and integrated secrets management systems to enforce strong authentication role-based access control and session governance.
Built and operationalized endpoint security frameworks using leading EDR/XDR platforms like CrowdStrike and Defender ATP along with JAMF and Intune for device compliance and policy enforcement.
Integrated Zscaler CASB and Secure Web Gateway (SWG) solutions into core network and user access flows enabling secure access to cloud and SaaS resources in a Zero Trust model.
Applied industry-standard frameworks such as MITRE ATT&CK NIST and CIS Controls to design scalable auditable and resilient security architectures.
Excellent communication skillsyou can explain security trade-offs clearly to engineers and executives alike.
Ability to prioritize between and execute on multiple work streams
Written and verbal skills for communicating security concepts and solutions
Preferred Qualifications:
Bachelors degree in Computer Science or equivalent from a fully-accredited college or university
8 Experience in Infrastructure and corporate security architecture
Experience with cloud native products and in-depth understanding Zero Trust Principle years of experience with cloud technologies preferably AWS
Demonstrated ability to think strategically about business product and technical challenges
Ability to manage relationships with other business units external vendors and stakeholders when IT security risks are present and system or process changes must be made to mitigate risk
Ability to work in a fast paced and Agile development environment
Work and play well with others; SoFi is a collaborative environment
Nice to have:
CISSP Zscaler Digital Transformation Administrator Okta certified professional AWS Certified Security Speciality
Masters or PhD in Computer Science or Engineering
Financial services experience
Required Experience:
Staff IC
Employment Type
Full-Time
