Principal Security Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

Yum! Brands · 1 day ago

Principal Security Architect

positionUnited States
timeFull-time
remoteRemote
seniorityLead/Staff
money$170K/yr - $195K/yr

Yum! Brands is seeking a Principal-level Senior Security Architect to shape enterprise security architecture across their global ecosystem. In this role, you will tackle enterprise-wide problem spaces, set strategic recommendations, and mentor other architects and engineers to enhance security across the organization.

Food and BeverageHospitalityRestaurants
check
Growth Opportunities
check
H1B Sponsor Likelynote

Responsibilities

Author reusable reference architectures, patterns, blueprints, and decision frameworks. Lead end-to-end reviews and threat modeling for complex, cross-brand initiatives; resolve novel challenges with broad business impact and drive clarity amid uncertainty
Establish pragmatic architecture governance (principles, patterns, review mechanisms) that balances innovation with risk reduction; translate strategy into roadmaps and measurable outcomes (OKRs/KPIs)
Translate strategy into actionable roadmaps and multi-year control adoption plans; measure outcomes with meaningful KPIs
Define enterprise guardrails for AWS/Azure/GCP (landing zones, identity boundaries, network baselines, encryption, logging) and guide adoption at scale
Integrate security into CI/CD (SAST, DAST, IaC scanning, policy-as-code, artifact signing, SBOMs); influence platform roadmaps for secure delivery velocity
Advance container/Kubernetes security (runtime controls, supply-chain security, secrets management) and coach platform/product teams on cloud-native practices
Serve as principal consultant for complex cloud decisions; decisions typically span multiple departments/functions
Architect Zero Trust across workforce, workloads, and data; mature segmentation, continuous verification, and strong authentication
Guide enterprise IAM patterns (SSO, MFA, RBAC/ABAC, PAM) and standardize access models for least privilege at scale
Partner with platform and identity teams to modernize federation and entitlement lifecycle
Define enterprise data protection strategy (classification, end-to-end encryption, tokenization, key management, data residency) with cross-functional impact
Lead segmentation and secure access patterns aligned to Zero Trust; evolve secure edge and private access
Raise the quality of telemetry and detection engineering (logging standards, SIEM/XDR) with detections mapped to MITRE ATT&CK
Align architectures to PCI, SOX, GDPR, and internal risk frameworks; recommend practical compensating controls when constraints exist
Lead security assessments for emerging technology and third-party platforms; negotiate security outcomes with vendors
Communicate tradeoffs and risks to senior technical and business leaders; influence investment decisions and sequencing
Serve as a primary representative for Security Architecture in enterprise forums and technical councils; decisions typically affect multiple functions
Operate with limited supervision, using judgment in ambiguous situations; outcomes are reviewed via consultation and alignment
Mentor Staff/Principal architects and senior engineers; lead communities of practice; drive continuous improvement with metrics, threat intelligence, and post-implementation reviews

Qualification

Security ArchitectureCloud SecurityZero TrustRisk ComplianceCISSP CertificationAWS Security SpecialtyData Protection StrategyLeadershipMentoringCommunication Skills

Required

Author reusable reference architectures, patterns, blueprints, and decision frameworks
Lead end-to-end reviews and threat modeling for complex, cross-brand initiatives
Establish pragmatic architecture governance (principles, patterns, review mechanisms) that balances innovation with risk reduction
Translate strategy into actionable roadmaps and multi-year control adoption plans
Define enterprise guardrails for AWS/Azure/GCP (landing zones, identity boundaries, network baselines, encryption, logging) and guide adoption at scale
Integrate security into CI/CD (SAST, DAST, IaC scanning, policy-as-code, artifact signing, SBOMs)
Advance container/Kubernetes security (runtime controls, supply-chain security, secrets management)
Serve as principal consultant for complex cloud decisions
Architect Zero Trust across workforce, workloads, and data
Guide enterprise IAM patterns (SSO, MFA, RBAC/ABAC, PAM) and standardize access models for least privilege at scale
Partner with platform and identity teams to modernize federation and entitlement lifecycle
Define enterprise data protection strategy (classification, end-to-end encryption, tokenization, key management, data residency)
Lead segmentation and secure access patterns aligned to Zero Trust
Raise the quality of telemetry and detection engineering (logging standards, SIEM/XDR)
Align architectures to PCI, SOX, GDPR, and internal risk frameworks
Lead security assessments for emerging technology and third-party platforms
Communicate tradeoffs and risks to senior technical and business leaders
Serve as a primary representative for Security Architecture in enterprise forums and technical councils
Operate with limited supervision, using judgment in ambiguous situations
Mentor Staff/Principal architects and senior engineers

Preferred

CISSP, CCSP, CISM, AWS/Azure/GCP Security Specialty, TOGAF, or SABSA certifications
Experience in regulated or high-scale environments (retail/QSR, payments, consumer data)
Demonstrated impact establishing enterprise guardrails, control libraries, and architecture governance

Benefits

Bonus eligibility
Stock-based compensation

Company

Yum! Brands

twittertwittertwitter
Glassdoor4.2
company-logo
Yum! Brands is a quick-service restaurant brand that primarily operates the likes of KFC, Pizza Hut, and Taco Bell.
dateFounded in 1997
location
Louisville, Kentucky, USA
people-size1001-5000 employees
web-link
http://www.yum.com

H1B Sponsorship

Yum! Brands has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2021 (1)
2020 (2)

Funding

Current Stage
Public Company
Total Funding
$3.5B
2025-09-09Post Ipo Debt· $1.5B
2024-04-26Post Ipo Debt· $2B
1997-09-26IPO

Leadership Team

leader-logo
Christopher Turner
Chief Executive Officer
linkedin
leader-logo
Ranjith Roy
Chief Financial Officer
linkedin

Recent News

Indian Express
KFC operator Sapphire Foods’ merger with Devyani International to create QSR giant
2026-01-03
The Independent
The high street brands that closed stores in 2025
2025-12-29
London Evening Standard
Which high street brands closed stores in 2025?
2025-12-29
Company data provided by crunchbase