Apply on Employer Site

INSPYR Solutions · 3 months ago

Platform Security Architect

Dallas, TX

Full-time

Hybrid

Senior Level, Lead/Staff

$200K/yr - $325K/yr

10+ years exp

INSPYR Solutions is a national expert in delivering flexible technology and talent solutions. They are seeking a Platform Security Architect who will partner with internal stakeholders and customer teams to define and implement security controls across the platform SDLC stack and CI/CD pipelines, ensuring compliance and security operational excellence.

Information TechnologyProfessional ServicesStaffing Agency

No H1B

U.S. Citizen Only

Responsibilities

Architect and design end-to-end security for the SDLC stack (repos, pipelines, artifact registries, deployment tooling)

Secure CI/CD pipelines: implement code scanning, dependency checks, artifact signing, and secrets management

Establish Security best-practices in Public Cloud and on-prem infrastructure with guidance on enforcement

Partner with external security teams to align and enforce policies and controls

Establish policy-as-code frameworks for automated compliance

Define and partner with DevSecOps teams to implement network security controls using service mesh, eBPF, and Cilium (network policies, L7 visibility, workload isolation)

Define and govern identity and access management models for platform and service workloads

Drive adoption of DevSecOps tooling across engineering teams, ensuring frictionless integration into delivery workflows

Define audit, logging, and compliance mechanisms across all pipelines and services

Design framework/ tooling to prove the meeting of security requirements with separation of duties for High Integrity environments

Drive Tracking and reporting of risks being raised against teams and ensuring completion on time

Provide security-focused ADRs (Architecture Decision Records) to capture architectural rationale

Coach engineering teams on secure design, threat modeling, and best practices

Qualification

DevSecOps toolingSecure architecturesIAMSecrets managementCI/CD securityScriptingAutomationContainer securityPolicy-as-code frameworksCompliance benchmarksCloud security certificationsCollaboration skills

Required

10-12+ years of experience in Security discipline

Expertise in DevSecOps tooling like Consul, Snyk, Trivy, Aqua, Anchore, SonarQube, HashiCorp Vault

Strong experience building secure architectures in the Public Clouds like AWS (preferably), Azure etc

Deep knowledge of IAM and secrets management (like ActiveDirectory, Vault, Okta, AWS IAM)

Experience with CI/CD security: artifact signing, SBOM generation, pipeline hardening, code scanning, dependency checks

Scripting ability & automation using IaaC tools

Experience with Container security aspects: k8s policies, service mesh, eBPF for observability, intrusion detection, and runtime enforcement; cluster hardening

Experience with Consul integrations with Kubernetes, Vault, or other relevant platforms

Proficiency in policy-as-code frameworks (e.g.OPA, Kyverno, Gatekeeper)

Familiarity with compliance benchmarks/frameworks like CIS, NIST, SOC2, GDPR

Cloud and Security oriented certifications (like CISSP, OSCP etc.) are highly desired

Excellent collaboration skills with security, engineering, and compliance stakeholders