Cyber Security Architect

Cyber Security Architect – Job Description

About the Role

As a Cyber Security Architect, you will be responsible for designing, developing, and implementing security solutions to protect Varonis' infrastructure, applications, and data from cyber threats.

You will collaborate with IT, development, and business teams to define security frameworks, enforce best practices, and ensure compliance with industry standards. Your role is critical in identifying security risks, designing resilient architectures, and leading security initiatives to strengthen enterprise security against evolving threats.

Key Responsibilities

• Develop and implement security architectures for cloud, on-premises, and hybrid environments.
• Identify vulnerabilities, assess security risks, and recommend effective mitigation strategies.
• Design and implement security controls for cloud environments (Azure, AWS, GCP).
• Develop and enforce strong authentication, authorization, and access control policies.
• Provide guidelines for security-related solutions, including firewalls, SIEM, EDR, WAF, DLP, VPNs, and Zero Trust Network Access (ZTNA).
• Lead OS hardening efforts for Windows, Linux, and macOS environments to reduce attack surfaces and enhance system security.
• Collaborate with SOC teams to detect, respond to, and remediate security incidents.
• Work cross-functionally with development, infrastructure, and business teams to ensure security is a priority in all projects.

Required Skills & Qualifications

• At least 5 years of experience in security architecture, design, or engineering.
• Experience in cloud security (Azure, AWS, and GCP).
• Strong knowledge of firewall design, security reviews, and secure network architecture principles.
• Deep expertise in IAM systems and authentication protocols, including Kerberos, NTLM, LDAP, SAML, OAuth, and OpenID Connect.
• Experience with vulnerability scanners and a solid understanding of common vulnerabilities (e.g., OWASP Top 10).
• Experience in OS hardening, including secure configuration, patch management, and compliance enforcement.
• Experience designing and deploying Zero Trust Network Access (ZTNA) solutions.
• Knowledge of security considerations for containerized environments (Docker, Kubernetes).
• Strong ability to manage multiple security projects, meet deadlines, and drive security initiatives.

Desired Certifications

• Bachelor’s degree in a relevant field.
• CISSP (Certified Information Systems Security Professional).
• CISM (Certified Information Security Manager).
• CompTIA Security+, CEH (Certified Ethical Hacker).