Enterprise Security Architect

ITHAKA is looking for an Enterprise Security Architect who can help the organization achieve the highest possible levels of system and data protection and security awareness. You will be responsible for ensuring that ITHAKA's mission and business are protected from cybersecurity threats and risks, working with and advising colleagues to implement that protection.

As Enterprise Security Architect, you will work as  a member of the Architects team, reporting to the chief architect. In this role, you will advise the Engineering and Information Technology teams supporting the organization on best practices and systems for effective cybersecurity.

You will lead the efforts to create and evolve the security strategy for ITHAKA, effectively addressing risks to our current and future business and customers. You will help implement this security strategy by developing policies, compliance activities, and security awareness across the organization.

Our team is seeking technology professionals with strong collaboration, technical expertise, and role alignment. Please submit a resume (and optional cover letter) that detail your experience in:

• Collaboration: Experience working with cross-functional teams, stakeholders and executives, such as engineers, architects, or security teams.
• Technical Expertise: Hands-on experience with relevant technologies, emphasizing how they align with the role’s requirements.
• Role Alignment: Job titles and descriptions that accurately reflect strategic and technical contributions, especially for architect-level roles.

Responsibilities

• Develop organizational cybersecurity strategy aligned with business needs and risks
• Partner with Engineering and IT to implement security practices and develop risk assessment skills
• Create application security policies aligned with standards like OWASP
• Review, analyze, and evolve security policies as business needs change
• Lead the Security Awareness Training program
• Lead security incident response
• Ensure regulatory compliance (GDPR, CCPA) in consultation with Legal
• Manage security service providers and risk assessment of vendors and sub-processors
• Support audit processes and business continuity strategy
• Provide regular security status updates to stakeholders

Experience and Skills

• 5+ years in IT/Security roles with mentoring experience
• Knowledge of AWS VPC, Fastly, and Cisco networking security
• Cloud security experience (AWS required, Azure a plus)
• Experience with security tools (AWS Inspector, Qualys)
• Ability to identify/design against vulnerabilities (OWASP Top 10, CWE Top 25)
• Experience in secure software development (Agile, DevOps, DevSecOps)
• Risk assessment and threat modeling expertise
• Security certifications (CEH, CISSP, or other relevant)
• Familiarity with security frameworks (CIS, NIST, AWS Shared Responsibility Model)

Work Authorization and Sponsorship 

ITHAKA is not currently considering candidates who require any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States.

Compensation and Benefits

At ITHAKA we believe in openness and equity. Part of living those values is our commitment to clarity about salary ranges, so candidates know what to expect. The starting salary for this position ranges from $152,152 to $190,173 per year. Starting pay may vary with job-related knowledge, skills, and experience. At present, our total compensation package for benefits-eligible employees includes medical, dental, and vision plans, an employer-paid 10% retirement contribution, paid parental and caregiver leave, 22 days of paid time off, 11 paid holidays, up to 12 sick days, wellness benefits, and more. Please note that ITHAKA, at its discretion, may make changes to its benefits programs from time to time.

#LI-JS1

#LI-REMOTE