Senior Information Security Architect

We have a 6-month contract to hire position open for a Security Architect role. The position is 100% remote.

Priorities for this role are:

1. Telephony

2. IoT

3. AI

4. Core Platforms - AWS / Azure / Applications

5. Infrastructure - security

1. Telephony Security

This is the most critical area because the company's revenue, operations, customer service, and potentially emergency communications rely on voice and telecom services.

What this person needs to architect

Voice Network Security, i.e SIP security, RTP/SRTP encryption, SBC (Session Border Controller) architecture, SIP trunk security, Carrier interconnect security, Voice routing security, VoIP infrastructure hardening

Telecom Fraud Prevention - Toll fraud, SIP registration hijacking, Call pumping, Caller ID spoofing, Robocall mitigation

Telecom Availability - DDoS protection, SIP flood mitigation, Carrier failover, Voice redundancy, Business continuity

2. IoT Security - Mobile devices, IoT ecosystems, endpoint provisioning, and edge environments. Device Security, Device identity, Device certificates, Secure onboarding, Device provisioning, Firmware validation, Secure boot, Firmware updates, Vulnerability management, Device retirement, Certificate rotation

Network Security – Segmentation, NAC, Microsegmentation, Edge security

Monitoring - Device telemetry, Behavioral analytics, IoT threat detection

3. AI Security & Governance - LLM security, Agentic AI security, AI governance, AI risk management

AI Governance

4. Core Platforms (AWS / Azure / Applications

AWS Security, IAM, Organizations, SCPs, Security Hub, GuardDuty, KMS, VPC Security, Transit Gateway security

Azure Security, Entra ID, Conditional Access, Defender, Sentinel, Azure Policy

Application Security, Secure SDLC, Threat modeling, API security, DevSecOps, Container security

5. Infrastructure Security

Network Security, Endpoint Security, Vulnerability Management, Rapid7, Patch governance, Risk-based remediation

Security Monitoring - SIEM architecture, Log management, Detection engineering

Incident Response Architecture – Playbooks, Escalation paths, Threat intelligence integration

Position Summary:

The Information Security Architect will lead the design and implementation of enterprise-wide security architecture across diverse domains - corporate IT, telecom infrastructure, mobile networks, and IoT ecosystems. This role ensures that all technology assets - spanning cloud, hybrid, and on-prem environments - are protected with a defense-in-depth approach that aligns with industry best practices and regulatory mandates including FCC and HIPAA.

The Security Architect will partner closely with the Security Operations (SecOps), Network Engineering, Cloud, and AI Innovation teams to design resilient, compliant, and scalable security frameworks. A key focus will be defining AI security guardrails—particularly around Agentic AI systems, data privacy, and model governance.

This is a Remote/Work from Home position reporting to the Sr. Director of Enterprise Architecture.

What you will do:

Security Architecture & Design

• Develop and maintain the enterprise security architecture framework covering IT, telecom, mobile, and IoT platforms.
• Lead & partake in enterprise-wide cybersecurity initiatives, aligning with industry frameworks (NIST, ISO, CIS).
• Define zero-trust architecture patterns for multi-cloud (AWS, MS Azure) and hybrid environments.
• Evaluate and recommend new security technologies and processes to address evolving threats.
• Define and ensure clear direction for configuration, monitoring, and hardening of Cisco security infrastructure including firewalls, VPNs, and intrusion prevention systems.
• Define and oversee policies & guidelines for vulnerability management programs, and leveraging tools such as Rapid7.
• Ensure security-by-design principles are embedded in all technology initiatives, including product development and infrastructure modernization.
• Partner with Enterprise Architecture and Tech Ops teams to align security blueprints with overall technical standards and business capabilities.

AI and Data Security

• Define AI/ML and Agentic AI security guardrails, including model access, prompt sanitization, model drift monitoring, and data provenance controls.
• Develop governance policies for secure use of AI APIs, LLMs, and autonomous agent frameworks.
• Ensure AI data pipelines comply with FCC, HIPAA, and privacy regulations.
• Collaborate with data teams to ensure data protection, encryption, and masking are applied consistently across AI workloads.

Telecom, Mobile & IoT Security

• Architect security for voice and telecom networks, including signaling protocols (SIP, RTP) and device provisioning systems.
• Establish secure configurations and firmware lifecycle management for mobile devices and IoT endpoints.
• Oversee encryption, authentication, and network segmentation across IoT and edge environments.
• Ensure telecom infrastructure aligns with FCC, CPNI and CALEA requirements.

Governance, Risk & Compliance

• Maintain alignment with FCC, HIPAA, NIST 800-53, ISO 27001, and CIS standards.
• Support security risk assessments, audits, and remediation planning.
• Define key security metrics, controls, and architecture review processes.
• Collaborate with Legal, Compliance, and Audit functions to ensure ongoing regulatory readiness.

Collaboration with SecOps

• Work closely with the Security Operations Center (SOC) on threat modeling, detection strategy, and incident response architecture.
• Contribute to threat intelligence integration and SIEM architecture design.
• Support vulnerability management and secure configuration baselines across environments.

Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field. Master’s preferred.
• 7+ years of progressive experience in Information Security Architecture & Operations roles.
• Certifications: CISSP, CCSP, SABSA, CISM, TOGAF, AI Security Specialist.
• Deep understanding of network, cloud, and application security across telecom, IT, and IoT ecosystems.
• Experience designing and securing AI/ML platforms including governance of LLMs and agentic AI tools.
• Proven experience with regulatory frameworks (FCC, HIPAA, NIST, ISO 27001).
• Hands-on experience with cloud-native security (AWS, Azure, GCP) and Dev Sec Ops tooling.
• Experience with endpoint detection and response (EDR) platforms, ideally Crowdstrike.
• Hands-on expertise with vulnerability management and SIEM platforms, including Rapid7.
• Strong understanding of network security, including Cisco firewalls, VPNs, and intrusion prevention.