Openkyber
Identity Security Architect
⭐ - Featured Role | Apply direct with Data Freelance Hub
This role is for an Identity Security Architect on a contract basis, offering a competitive pay rate. Key requirements include 10+ years in Information Security, expertise in AWS/Azure, and preferred certifications like CISSP or CISM. Remote work is available.
🌎 - Country
United States
💱 - Currency
Unknown
-
💰 - Day rate
Unknown
-
🗓️ - Date
February 6, 2026
🕒 - Duration
Unknown
-
🏝️ - Location
Remote
-
📄 - Contract
Unknown
-
🔒 - Security
Unknown
-
📍 - Location detailed
Georgia
-
🧠 - Skills detailed
#Cloud #Terraform #Monitoring #Leadership #Splunk #Firewalls #Infrastructure as Code (IaC) #Logging #Vault #Azure #Data Security #PCI (Payment Card Industry) #Compliance #AWS (Amazon Web Services) #Vulnerability Management #Linux #IAM (Identity and Access Management) #Strategy #Defender #WAF (Web Application Firewall) #Security
Role description
Title: Identity Security Architect Location: [City, State or Remote/Hybrid Onsite] Employment Type: Contract Role Summary:
We are seeking a Mid-Senior Security Architect to design and evolve enterprise security architecture across on prem and cloud environments (AWS/Azure). This role will own high-level security frameworks and reference architectures, partner closely with SOC/IR/engineering teams to strengthen detection and response, and drive secure-by-design patterns across infrastructure, applications, and endpoints. The ideal candidate blends deep technical breadth with the leadership and communication skills to influence senior stakeholders and guide engineering teams. Core Responsibilities:
Architecture & Strategy: Create and maintain security reference architectures, blueprints, and roadmaps for network, endpoint, identity, cloud (AWS/Azure), and data protection. Define and govern security standards, patterns, and guardrails (e.g., network segmentation, zero trust, bastion patterns, key vaulting, least privilege). Lead architecture reviews and threat modeling for new platforms, services, and integrations; ensure secure-by-design principles. Partner with Infrastructure, Cloud, and App Engineering to translate business goals into resilient security architecture and control objectives.
Security Operations (Defense & Detection): Collaborate with the SOC to mature alerting, correlation, and detection engineering (SIEM/SOAR, EDR, cloud-native telemetry). Work with Threat Hunters to refine hypotheses, prioritize visibility gaps, and improve log coverage and detections. Guide Malware Analysis inputs into control tuning, sandboxing, and endpoint hardening strategies.
Incident Response: Serve as a technical lead during security incidents, advising on containment, eradication, and recovery playbooks. Conduct post-incident reviews; drive root cause remediation through architecture changes and hardening measures.
Testing & Offensive Security: Partner with Penetration Testing teams to scope tests and translate findings into architectural fixes and prioritized backlog items. Oversee Vulnerability Management governance; align with Endpoint Security Engineers and domain SMEs to ensure timely patching and compensating controls.
Governance, Risk & Compliance: Map controls to relevant frameworks and regulations (e.g., NIST CSF/800-53, ISO 27001, CIS Benchmarks, PCI-DSS, SOC 2). Contribute to policy development, exception management, and control attestation; support audits and assessments.
Key Skills & Qualifications:
10+ years in Information Security with hands-on security engineering/analysis and 3-5+ years in security architecture roles.
Strong knowledge of network protocols, firewalls, proxies, VPNs, segmentation, and zero trust concepts.
Expertise across operating systems (Linux/Windows), identity & access (AD/Azure AD, SSO, MFA, PAM), and endpoint security (EDR, hardening).
Cloud security depth in AWS and/or Azure: IAM, network controls (Security Groups/NSGs), KMS/Key Vault, logging/monitoring, container security, IaaS/PaaS security patterns.
Experience collaborating with SOC/IR, threat hunting, and vulnerability management teams.
Soft skills: excellent communication, influence, and stakeholder leadership; ability to simplify complex risks and drive outcomes.
Certifications (Preferred): CISSP, CISM, CCSP, AWS Security Specialty, Microsoft SC-100/SC-200, SANS/GIAC. Tools & Technologies (Nice-to-Have): SIEM/SOAR (Splunk, Sentinel), EDR/XDR (CrowdStrike, Defender), WAF/IDS/IPS, CASB, SASE/ZTNA, Cloud security tools (Prisma, Wiz, Defender for Cloud), IaC (Terraform), container security (EKS/AKS, admission controllers), Secrets management & KMS, PKI, DLP, Data Security Posture tools.
For applications and inquiries, contact: hirings@openkyber.com
Title: Identity Security Architect Location: [City, State or Remote/Hybrid Onsite] Employment Type: Contract Role Summary:
We are seeking a Mid-Senior Security Architect to design and evolve enterprise security architecture across on prem and cloud environments (AWS/Azure). This role will own high-level security frameworks and reference architectures, partner closely with SOC/IR/engineering teams to strengthen detection and response, and drive secure-by-design patterns across infrastructure, applications, and endpoints. The ideal candidate blends deep technical breadth with the leadership and communication skills to influence senior stakeholders and guide engineering teams. Core Responsibilities:
Architecture & Strategy: Create and maintain security reference architectures, blueprints, and roadmaps for network, endpoint, identity, cloud (AWS/Azure), and data protection. Define and govern security standards, patterns, and guardrails (e.g., network segmentation, zero trust, bastion patterns, key vaulting, least privilege). Lead architecture reviews and threat modeling for new platforms, services, and integrations; ensure secure-by-design principles. Partner with Infrastructure, Cloud, and App Engineering to translate business goals into resilient security architecture and control objectives.
Security Operations (Defense & Detection): Collaborate with the SOC to mature alerting, correlation, and detection engineering (SIEM/SOAR, EDR, cloud-native telemetry). Work with Threat Hunters to refine hypotheses, prioritize visibility gaps, and improve log coverage and detections. Guide Malware Analysis inputs into control tuning, sandboxing, and endpoint hardening strategies.
Incident Response: Serve as a technical lead during security incidents, advising on containment, eradication, and recovery playbooks. Conduct post-incident reviews; drive root cause remediation through architecture changes and hardening measures.
Testing & Offensive Security: Partner with Penetration Testing teams to scope tests and translate findings into architectural fixes and prioritized backlog items. Oversee Vulnerability Management governance; align with Endpoint Security Engineers and domain SMEs to ensure timely patching and compensating controls.
Governance, Risk & Compliance: Map controls to relevant frameworks and regulations (e.g., NIST CSF/800-53, ISO 27001, CIS Benchmarks, PCI-DSS, SOC 2). Contribute to policy development, exception management, and control attestation; support audits and assessments.
Key Skills & Qualifications:
10+ years in Information Security with hands-on security engineering/analysis and 3-5+ years in security architecture roles.
Strong knowledge of network protocols, firewalls, proxies, VPNs, segmentation, and zero trust concepts.
Expertise across operating systems (Linux/Windows), identity & access (AD/Azure AD, SSO, MFA, PAM), and endpoint security (EDR, hardening).
Cloud security depth in AWS and/or Azure: IAM, network controls (Security Groups/NSGs), KMS/Key Vault, logging/monitoring, container security, IaaS/PaaS security patterns.
Experience collaborating with SOC/IR, threat hunting, and vulnerability management teams.
Soft skills: excellent communication, influence, and stakeholder leadership; ability to simplify complex risks and drive outcomes.
Certifications (Preferred): CISSP, CISM, CCSP, AWS Security Specialty, Microsoft SC-100/SC-200, SANS/GIAC. Tools & Technologies (Nice-to-Have): SIEM/SOAR (Splunk, Sentinel), EDR/XDR (CrowdStrike, Defender), WAF/IDS/IPS, CASB, SASE/ZTNA, Cloud security tools (Prisma, Wiz, Defender for Cloud), IaC (Terraform), container security (EKS/AKS, admission controllers), Secrets management & KMS, PKI, DLP, Data Security Posture tools.
For applications and inquiries, contact: hirings@openkyber.com
