Apply on Employer Site

BambooHR · 1 day ago

Information Security Architect

Utah | Hybrid

Full-time

Hybrid

Senior Level

6+ years exp

BambooHR is a company that builds a people intelligence platform transforming HR. They are seeking an Information Security Architect to lead security architecture design across their cloud environment and corporate information systems, partnering with various teams to ensure secure and scalable technology solutions.

Human ResourcesSaaSSoftware

Culture & Values

H1B Sponsor Likely

Responsibilities

Lead the design and evolution of security architecture across cloud infrastructure, SaaS platforms, and corporate information systems, ensuring solutions are secure-by-design, scalable, and operationally sustainable

Own and maintain security architecture standards, reference architectures, and secure design patterns spanning identity and access management, data protection, logging/telemetry, endpoint security, and third-party integrations

Conduct and lead security architecture reviews for new systems, material changes, vendor tools, and integrations; document decisions, required control outcomes, and implementation guidance that teams can execute

Drive threat modeling and architectural risk assessments for strategic initiatives; translate findings into prioritized remediation plans and architecture improvements that balance risk reduction with usability and delivery velocity

Define and validate cloud security control expectations, including IAM, network segmentation, encryption and key management, secrets management, centralized logging, and least-privilege access models; validate adoption through partnership with engineering and IT

Influence detection and response architecture in collaboration with SecOps to improve visibility, telemetry quality, and response effectiveness; support investigations by providing architectural context and remediation guidance as needed

Partner with Security Engineering, Application Security, Security Operations, and GRC to ensure security controls are consistently designed and implemented across prevention, detection, response, and governance/audit domains (e.g., SOC 2, ISO 27001, and customer requirements)

Create clear and accessible architecture documentation (standards, diagrams, patterns, decision records) and communicate security tradeoffs effectively to both technical and non-technical stakeholders

Mentor and guide security practitioners and cross-functional partners by improving shared understanding, raising architectural maturity, and promoting consistent adoption of security patterns and secure-by-default approaches

Demonstrate an AI-forward mindset and proficiency by actively using AI tools to improve productivity, quality, and decision-making in security architecture and engineering workflows, and be able to speak to real-world examples of using AI to conduct work and to design and implement practical, secure solutions (e.g., accelerating architecture documentation, threat modeling, control validation, detection logic development, policy/standard drafting, or automating analysis)

Qualification

Security architecture designCloud securityIdentityAccess managementRisk assessmentAWSAzureGCPData protectionSaaS governanceSecurity certificationsAI proficiencyCommunicationOrganizational skillsMentoring

Required

Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent professional experience

6–7+ years of hands-on experience in information security, security engineering, cloud security, or closely related roles

Demonstrated experience leading security architecture or design decisions for production cloud and/or corporate environments

Strong working knowledge of at least one major cloud platform (AWS, Azure, or GCP), including IAM, networking, encryption, key management, and logging

Practical experience across corporate security domains such as identity and access management, endpoint security, SaaS governance, and data protection

Ability to independently assess risk, define security control objectives, and translate them into clear architectural guidance and implementation requirements

Ability to drive architectural consistency across diverse cloud and corporate systems with varying ownership and constraints

Experience balancing security risk reduction with delivery speed, usability, and operational realities

Excellent written and verbal communication skills, with the ability to influence and align technical and non-technical stakeholders

Strong organizational and prioritization skills; ability to manage multiple initiatives in a fast-paced environment

Experience in a SaaS or cloud-first organization

Preferred

Experience supporting SOC 2, ISO 27001, and customer security assessments

Familiarity with infrastructure-as-code, CI/CD pipelines, and cloud-native architectures

Experience with SSO/IdP platforms, MDM/endpoint management tools, and modern SaaS security controls

Security certifications such as AWS Security Specialty, CCSK, SSCP, CISSP (Associate or full), or equivalent

Benefits

Comprehensive health, life, and disability insurance

Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life

401k plans with up to 6% company match

$2000 Paid-Paid Vacation bonus

EAP through Headspace

Company

BambooHR

Glassdoor3.7

BambooHR is a SaaS-based company providing subscription-based HR software for SMEs.

Founded in 2008

Lindon, Utah, USA

1001-5000 employees

http://www.BambooHR.com

H1B Sponsorship

BambooHR has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (2)