Principal Architect

Position: Principal Architect 

Location: Tustin, CA office

Pay:  $175k to $225k a year

Position Summary:

The Senior Cybersecurity Architect serves as a strategic leader in defining, advancing, and safeguarding the enterprise’s security posture and resilience. This role is responsible for driving the long-term security architecture vision, aligning it with business goals, regulatory requirements, and emerging industry practices. As a senior advisor and thought leader, the Senior Cybersecurity Architect provides deep technical expertise while guiding teams, mentoring peers, and influencing executives to embed security into every layer of the organization’s technology ecosystem.

This position demands a forward-looking strategist with proven leadership ability, advanced technical mastery, and the capacity to independently own complex, enterprise-scale initiatives in a dynamic environment.

Duties and Responsibilities:

• Partner with the Office of the CISO to define and execute enterprise security architecture strategies, roadmaps, and priorities.
• Lead the design, engineering, and evolution of enterprise-wide security solutions across cloud, hybrid, and on-premises environments.
• Establish and govern security reference architectures, technology standards, and enterprise patterns that balance innovation with risk reduction.
• Provide executive-level guidance on emerging threats, regulatory drivers, and security innovation to ensure proactive and resilient defense capabilities.
• Oversee architectural and design reviews, ensuring security requirements and Zero Trust principles are consistently integrated.
• Drive enterprise proof-of-concepts, technology evaluations, and adoption of next-generation security solutions.
• Mentor and develop junior and mid-level architects, engineers, and security professionals, fostering a culture of continuous learning and collaboration.
• Serve as a trusted advisor and security liaison to senior engineering, infrastructure, DevOps, and IT leadership teams.
• Lead architectural post-incident reviews and embed lessons learned into enterprise security strategy to strengthen resilience.
• Author, present, and maintain strategic security architecture documentation, executive reports, and board-level briefings.

Qualifications:

• Expert-level knowledge of attack vectors, advanced threat modeling, and defense-in-depth security strategies.
• Mastery of architectural and engineering concepts across:
• Application Detection and Response (ADR)
• AI Security Posture Management (AI-SPM)
• Cloud Detection and Response (CDR), Cloud-Native Application Protection Platform (CNAPP), Cloud Security Posture Management (CSPM)
• Data Loss Prevention (DLP)
• Data Security Posture Management (DSPM)
• Encryption technologies, Public Key Infrastructure (PKI), Hardware Security Modules (HSM), and cryptographic key management
• Identity Threat Detection and Response (ITDR)

• Managed Detection and Response (MDR)
• Network Access Control (NAC)
• Network Generation Firewalls (NGFW)
• Next-generation Security Information and Event Management (SIEM)
• Secure Access Service Edge (SASE)
• Unified multi-cloud Network-as-a-Service (NaaS)
• Zero Trust Network Access (ZTNA)

• Proven experience independently leading enterprise-scale security programs from concept through implementation.
• Strong ability to influence executives, engage cross-functional leaders, and articulate technical concepts to business audiences.
• Demonstrated success in building, mentoring, and guiding high-performing security teams.
• Deep expertise in applying industry frameworks and standards such as NIST CSF, CIS Controls, MITRE ATT&CK, NYDFS, PCI-DSS, and others.
• Strong track record of integrating security into governance, risk, and compliance initiatives.

Education, Experience, and Certifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field.
• Master’s degree in Cybersecurity, Computer Science, Information Systems, Business or related field.
• 20+ years of experience in cybersecurity architecture, engineering, and security leadership roles.
• Two or more of the following certifications required: CISSP, CCSP, CISM, CEH, GIAC (GSEC, GMON), OSCP/OSCE, CEH, TOGAF, CASP+, etc.
• Experience in the financial services or mortgage industry is a plus.

Reporting Line:

• Primary: Reports directly to the Director, Cybersecurity Services.
• Secondary: Partners closely with the Office of the CISO to ensure alignment with enterprise security strategy and executive priorities.

Work Authorization:

Must be able to verify identity and employment eligibility to work in the U.S.

Other Duties:

This job profile is not intended to be an all-inclusive list of job duties and responsibilities, as one may perform additional related duties as assigned in order to meet the needs of the organization.

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Must be able to lift up to ten pounds. Primary functions require sufficient physical ability and mobility to work in an office setting; to stand or sit for prolonged periods of time; to occasionally stoop, bend, kneel, crouch, reach, and twist; to lift, carry, push, and/or pull light to moderate amounts of weight; to operate office equipment requiring repetitive hand movement and fine coordination including use of a keyboard; and to verbally communicate to exchange information. VISION: See in the normal visual range with or without correction. HEARING: Hear in the normal audio range with or without correction.

[EOE/M/F/D/V. Drug-free workplace.]

#LI-KZ1

#Remote