Security Architect
Share
Job Location:
Monthly Salary:
Posted on:
14 hours ago
Vacancies:
1 Vacancy
Job Summary
Recruitment Fraud Alert
Weve learned that scammers are impersonating Commvault team membersincluding HR and leadershipvia email or text. These bad actors may conduct fake interviews and ask for personal information such as your social security number.
What to know:
- Commvault doesnotconduct interviews by email or text.
- We will never ask you to submit sensitive documents (including banking information SSN etc) before your first day.
If you suspect a recruiting scam please contact us at
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover take action and rapidly recover from cyberattacks keeping data safe and businesses resilient. The companys unique AI-powered platform combines best-in-class data protection exceptional data security advanced data intelligence and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years more than 100000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks improve governance and do more with data.
Security Architect
The Opportunity
As aSecurity Architectat Commvault you will help secure the designand deployment ofthird-party and internal solutionsacross ourinternal environmentandplatforms. This role is hands-on and forward-looking centered onidentifyingand mitigating security riskswhile enabling innovation at scale.
As a member of the Security Architectureteamyou will partner closely withEnterprise ArchitectureSecurityEngineeringandCloudSecurityteams toconduct security reviews define enterprise standards and recommend improvements for new applications solutions and the overall Commvault enterpriseenvironment.
WhatYoullDo
- Identifyand assess security risks across applications networks cloud architectures identity platforms and supporting infrastructure.
- Evaluate thirdparty platforms SaaS applications and integrations for security and compliance risks.
- Collaborate with GRC IT and Eng teams to define document andimplemententerprise security standardsto meet regulatory contractual and internal governance requirements
- Providearchitectural guidance on secure network segmentation zero trust design patternsdata protection mechanismsaccess control models and secure system configuration.
- Establishand performsecurity design reviews and threat modeling for new or updated systems applications and integrations.
- Assess cloud-native deployments and cloudarchitectures(AWS Azure GCP) to ensure alignment with security best practices and organizational standards.
- Monitor emerging threats vulnerabilities and security technologies and translate them into actionable architecture improvements.
Who You Are
- 5 years of experience in information security product security or security engineering roles
- Strong ability tocommunicate and collaboratewith both technical stakeholders and leadershipacross engineering product IT and legal teams
- Strong structured writing ability needed to conduct security reviews
- Working knowledge of common security frameworks (ISO NIST PCI-DSS CIS MITRE Attack Framework) and ability to apply these principles in practice
- Strong understanding of:
- Application security fundamentals secure SDLC and common application threat vectors
- Network security standards and architectures including firewalling segmentation VPNs zero trust IDS/IPS web filtering and encryption
- IAM standards including SSO MFA OAuth 2.0 OIDC SAML RBAC/ABAC and privileged access patterns
- Active Directory Entra ID (Azure AD) directory services identity federation conditional access and authentication hardening
- Server configuration and hardening for both Linux and Windows systems
- Securinghybrid cloud architecture andcloud-native services
- Knowledge of modern threat modeling and risk assessment techniques.
- Comfortablecollaboratingwith engineering data science and product teams.
- Able to translate complextechnical securityrisks into practical guidance.
Nice to Have
- Knowledge of data protection privacy and governance principles.
- Experience with cloud-native security tools and platforms.
- Securityand/or cloudcertifications (CISSP CCSP GWAPT AWS SAA AZ-500 GCPCloud SecurityEngineer)
- Knowledge of email security practices (secure email gateways antiphishing controls DMARC/DKIM/SPF enforcement malware scanning)
- Hands-on experience implementing and/or operating security solutions including:
- Firewallmanagers (CISCO Umbrella Palo Altos)
- EDR (CrowdstrikeSentinelOne Windows Defender)
- CSPM/CNAPP/CWPP ( Prisma Cloud OrcaCrowdstrikeFalconetc)
- IGA/PAM (Sailpoint Okta Ping CyberArkBeyondTrust)
- SIEM/SOAR (SplunkCrowdstrikeNG SIEMMSFTSentinel)
- WAF (ImpervaAkamai Cloud Native WAF solutions)
- DLP (Forcepoint ProofpointSymantec)
- Email Security (ProofpointTrellix)
- Experience in automating security architecture review processes
Commvault is an equal opportunity workplace and is an affirmative action employer. We are always committed to equal employment opportunity regardless of race color ancestry religion sex national origin sexual orientation age citizenship marital status disability gender identity or Veteran status and we will not discriminate against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we work.
Commvaults goal is to make interviewing inclusive and accessible to all candidates and employees. If you have a disability or special need that requires accommodation to participate in the interview process or apply for a position at Commvault please email For any inquiries not related to an accommodation please reach out to.
Required Experience:
Staff IC
