Nortal · 2 months ago
Security Architect
Nortal is a global technology consulting company driving digital transformation in various sectors, including governments and healthcare. They are seeking a Lead Security Architect to design and implement a preventative security platform across cloud and hybrid environments, enhancing clients' security postures against evolving threats.
Consulting · Information Technology · Professional Services · Software
Responsibilities
Lead the design and definition of the comprehensive technical architecture for preventative cloud security platforms, including the integration strategy for core components like Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), and Security Information and Event Management (SIEM/SOAR) platforms
Architect the seamless integration of various security tools, including platforms like Wiz and Microsoft Defender for Cloud, ensuring data flows, correlation, and actionable insights across multi-cloud (Azure, AWS, GCP) and hybrid environments, including container orchestration platforms
Define the technical approach for enhancing visibility, risk prioritization, and threat detection, leveraging concepts like Security Graphs, attack path analysis, and contextual vulnerability management to identify critical risks and "toxic combinations"
Develop and optimize security policies, rules, and configurations within the integrated platform components to minimize false positives, ensure compliance with industry standards and regulations (e.g., CIS, NIST, PCI DSS, HIPAA, GDPR, SOC 2), and align with organizational security requirements
Collaborate with Security Operations Center (SOC) teams to define operational models, incident response procedures, and threat hunting methodologies that leverage the capabilities of integrated platforms
Champion DevSecOps principles, designing security controls and processes that are integrated into the Software Development Life Cycle (SDLC) and Infrastructure as Code (IaC) pipelines to prevent risks from reaching production environments
Provide technical guidance and expertise to implementation teams, internal stakeholders, and potential external consultants or managed service providers, ensuring the architecture is implemented correctly and efficiently
Translate complex technical concepts and risks into clear, understandable terms for various audiences, including technical teams and leadership
Potentially contribute technical justifications and architecture details for funding initiatives, such as the Microsoft ECIF program, including input into Statements of Work and projected consumption metrics
Qualification
Required
Extensive experience in designing and implementing security architectures for complex, large-scale cloud and hybrid environments
Deep technical expertise across major cloud platforms, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP)
Proven experience with Microsoft Azure services, such as Microsoft Defender for Cloud (including CSPM and CWP plans), Azure Arc, Azure Data Explorer (ADX), Azure Sentinel, and Azure Active Directory Identity Protection
Strong understanding and practical experience with Cloud Native Application Protection Platforms (CNAPP), including agentless scanning, contextual risk analysis, and vulnerability management across multi-cloud environments
Experience with container security and platforms like Kubernetes or Red Hat OpenShift
Knowledge of threat modeling methodologies and applying frameworks like MITRE ATT&CK
Familiarity with key security compliance frameworks and standards (e.g., CIS, NIST, PCI DSS, HIPAA, GDPR, SOC 2)
Experience with security data logging, analysis, and querying, potentially using languages like Kusto Query Language (KQL)
Understanding of Identity and Access Management (IAM) principles and best practices in cloud environments
Excellent technical writing and communication skills, with the ability to create clear architectural documentation and present effectively to diverse technical and non-technical audiences
Experience integrating security into the Software Development Life Cycle (SDLC) and working with Infrastructure as Code (IaC)
Preferred
Experience with Wiz is highly desirable
Relevant cloud security certifications (e.g., CISSP, CCSP, Microsoft Azure Security Engineer Associate, Azure Solutions Architect Expert) are a plus
Knowledge of remediation-as-code and security orchestration
Experience with security data lakes or SIEM/SOAR platforms
Benefits
Collaborative & Agile Culture: Work alongside industry experts in a flat and flexible environment.
Continuous Learning: Access mentorship and professional development opportunities.
People-Oriented Workplace: Enjoy work-life balance, an international team culture, and flexible work arrangements.
Company
Nortal
Nortal is a professional services company, specializing in strategy and technology consulting and information technology services.
H1B Sponsorship
Nortal has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Charts: Distribution of Different Job Fields Receiving Sponsorship; Trends of Total Sponsorships: 2020 (2)
Funding
Current Stage: Late Stage
Total Funding: $149.94M
Key Investors: Enterprise Investors
2024-01-22 · Debt Financing · $54.39M
2019-05-29 · Debt Financing · $55.69M
2018-05-25 · Series Unknown · $13.99M
Company data provided by crunchbase