Security Architect Manager (Corporate & Cloud Security)

The role

Nebius is looking for an experienced Security Architect Manager to join the Cyber Security organization, reporting to the Head of Security Engineering uner the CISO.

This role is responsible for leading the organization’s security architecture across corporate networks and cloud environments, ensuring secure design and implementation of enterprise infrastructure at scale.

The ideal candidate combines deep expertise in network and cloud security with strong leadership capabilities. You will define and drive security architecture across hybrid environments, working closely with IT, Infrastructure, Network, DevOps, and Security teams to ensure robust, scalable, and resilient security controls.

Your responsibilities will include: 

• Lead and manage the security architecture domain, including security architects and/or senior engineers.
• Define and maintain security architecture standards, guidelines, and reference designs across corporate and cloud environments.
• Act as the primary authority on enterprise security architecture across networks, identity, endpoints, and cloud platforms.
• Design and evolve secure enterprise network architectures, including segmentation, Zero Trust, and hybrid connectivity.
• Define and enforce security controls for corporate networks, data centers, and remote access solutions (ZTNA, proxies, NAC).
• Lead architecture and selection of network security technologies (e.g., firewalls, secure gateways, access control solutions).
• Lead security architecture across cloud platforms and hybrid environments.
• Define secure reference architectures for cloud networking, identity, and workload protection.
• Ensure proper implementation of cloud security controls, including IAM, segmentation, encryption, and monitoring.
• Define security architecture for endpoints and identity, including EDR/XDR, device hardening, SSO, MFA, and privileged access.
• Ensure secure baseline configurations and access control mechanisms across corporate and cloud environments.
• Identify architectural risks and security gaps and drive mitigation strategies across infrastructure and cloud environments.
• Establish and enforce architecture review processes and governance for new systems and changes.
• Collaborate with SOC, Vulnerability Management, IT, and Infrastructure teams to improve overall security posture.
• Contribute to the cyber security strategy and roadmap, including adoption of modern models such as Zero Trust.

We expect you to have: 

• 7+ years of experience in cyber security, with a strong focus on network and cloud security.
• 2+ years of experience leading or managing security architects or senior security engineers.
• Deep expertise in enterprise network security (firewalls, segmentation, VPN, proxies, NAC, etc.).
• Strong hands-on experience with cloud platforms (AWS, GCP, Azure) and cloud security best practices.
• Strong understanding of identity and access management (IAM), Active Directory / Entra ID, and privileged access controls.
• Experience securing hybrid environments (on-premise + cloud).
• Hands-on experience with enterprise security technologies (e.g., Palo Alto, Check Point, Cisco, Zscaler, CrowdStrike, Microsoft Defender).
• Strong understanding of Zero Trust architecture principles.
• Experience working cross-functionally with IT, Infrastructure, Network, DevOps, and Security teams.
• Excellent analytical, problem-solving, and communication skills in English.

It will be an added bonus if you have: 

• Experience designing and implementing Zero Trust or network segmentation programs.
• Familiarity with cloud-native security tools (e.g., Wiz, Prisma Cloud, Defender for Cloud).
• Experience with enterprise identity platforms (Entra ID / Azure AD, Okta, etc.).
• Knowledge of regulatory and compliance frameworks (ISO 27001, SOC 2, NIST, etc.).
• Experience in large-scale enterprise or high-growth environments.
• Relevant certifications such as CISSP, CCSP, or equivalent.
• BSc in Computer Science, Information Security, or a related field.