Role: Head of Cybersecurity Engineering and Architecture
Full-time
Location: St. Paul, MN - Hybrid
No 3rd party, No sponsorship
This role is responsible for leading the design, development, and implementation of the organization’s cybersecurity architecture and engineering strategies. This role ensures that security principles are embedded into all IT and business initiatives, protecting the company’s assets, data, and infrastructure against evolving cyber threats and in compliance with regulatory standards such as CMMC, ISO 27001, NIST CSF, NIS2, and industry-specific frameworks (TOGAF, SABSA).
RESPONSIBILITIES:
Leadership & Team Management
• Build, mentor, and lead a team of cybersecurity architects and engineers, fostering a culture of innovation and continuous improvement.
• In collaboration with the security awareness team, provide guidance and training on security best practices to IT teams, developers, and business units.
• Act as a senior advisor to executives and key stakeholders on cybersecurity risks and strategies.
Cybersecurity Architecture & Strategy
• Develop and maintain a comprehensive cybersecurity architecture framework that aligns with business objectives and regulatory requirements.
• In collaboration with the IT Governance, Risk, and Compliance (GRC) team, develop and implement technical standards and best practices to ensure compliance with IT policies and control objectives for enterprise IT, cloud, and emerging technologies. This includes specifying configurations, protocols, and procedures that align with these policies and objectives.
• Provide strategic direction on security infrastructure, identity management, data protection, and threat mitigation techniques. This includes defining architectural standards and patterns, and incorporating threat modeling into reference architecture.
• Collaborate with IT and business teams to integrate security into cloud, DevOps, data, and application architecture. Define security controls for emerging technologies including AI, IoT
Security Engineering & Technology Implementation
• Oversee the design, deployment, and maintenance of security technologies, including firewalls, intrusion detection systems, endpoint protection, encryption, and cloud security controls.
• Lead security technology evaluations and recommend solutions to enhance the organization’s security posture.
• Ensure security tools and processes integrate seamlessly with IT and DevOps environments.
Risk Management & Compliance
• Collaborate with risk management teams to assess and mitigate cybersecurity risks across the organization.
• Ensure architecture designs and related implementations follow the appropriate regulatory frameworks and industry standards such as NIST, ISO 27001, GDPR and PCI-DSS.
• Work closely with internal and external auditors to address security gaps and remediate vulnerabilities.
Threat Intelligence & Incident Response Support
• Collaborate with security operations teams to enhance threat intelligence, detection, and response capabilities.
• Support incident response efforts by providing architectural insights and forensic analysis recommendations.
• Support the adoption of automation and AI-driven security technologies to improve threat detection and response
SKILLS AND EXPERTISE:
• Bachelor’s degree or higher (completed and verified prior to start).
• Seven plus (7+) years of experience in Cybersecurity in a private, public, government, or military environment.
• Three plus (3+) years in a vulnerability management leadership role.
• CISSP certification or one of the following certifications: CISM, OSCP or GIAC.
• Experience in operating and managing a vulnerability management program in a large enterprise environment with a global footprint.
• Ability to engage stakeholders at different levels to drive vulnerability reduction across the environment.
Additional preferred qualifications:
• AWS/Azure security certifications.
• Excellent communication, negotiation, and relationship-building skills.
• Strong analytical and problem-solving skills.
• Strong ability to influence and collaborate across cross-functional teams.
• Strong knowledge of cybersecurity frameworks and standards (e.g., CMMC, NIST CSF, ISO 27001, COBIT, or NIS2).
• Experience with automated vulnerability management tools and processes.
• Familiarity with regulatory compliance requirements and audit processes.
• Ability to stay current with the latest cybersecurity trends and threats.