Senior Security Architect

Role Summary: This role performs advanced security engineering work designing and implementing secure software systems, conducting threat modeling, and developing cloud-native security architecture for distributed services. The role applies specialized knowledge of software security engineering, secure system design, and cloud security to guide secure implementation across Machine Identity Management (MIM) products and platforms.

The position supports security architecture and secure development practices for distributed cloud services and identity security platforms that protect cryptographic identities, certificates, and secrets used by applications, services, and infrastructure.

About the Team:

You’ll join the Product Security team and partner directly with Engineering (Development and SRE) to embed security into how we design, develop, deploy, and operate software for Machine Identity Management (MIM).

About the Role:

As a Senior Security Architect in Product Security, you will strengthen the security posture of Machine Identity Management (MIM) products and platforms by applying advanced security engineering expertise to system design and development decisions. The role requires hands-on experience with secure system architecture, threat modeling, and cloud-native security controls to ensure that distributed services are designed and implemented with strong security foundations.

This is a highly technical role requiring deep hands-on experience in secure system design, threat modeling, and cloud-native security architecture. The position requires applying advanced engineering knowledge to guide secure implementation across distributed services and product platforms.

Responsibilities

• Partner with engineering teams to integrate security engineering practices throughout the Secure Software Development Lifecycle (SSDLC), including threat modeling, secure design reviews, and CI/CD security controls.
• Provide security architecture guidance for identity and cryptographic systems including PKI, certificate lifecycle management, TLS infrastructure, and secrets management platforms used across distributed services.
• Provide security architecture guidance for product and platform designs, applying security engineering principles to ensure distributed systems and services are implemented with secure architecture patterns.
• Lead implementation of security engineering initiatives that improve development processes and tooling.
• Define and maintain secure development standards, patterns, and guardrails for cloud-native and distributed systems.
• Conduct and guide threat modeling and security risk assessments for new features and architectures.
• Deliver security enablement: training, mentoring, and awareness sessions for engineers and security champions.
• Support incident response readiness for products and drive post-incident security improvements.
• Stay ahead of emerging threats and technologies, updating security policies and practices accordingly.
• Collaborate on AI/ML security for safe model integration and data protection aligned with evolving standards.

#LI-Hybrid
#LI-HA1

• 6+ years in software development and 5+ in security, including 3+ in a security architecture or technical leadership role.
• Strong engineering background with hands-on experience that informs secure design and threat modeling.
• Requires deep technical knowledge of secure system architecture, distributed systems security, and cloud-native security design.
• Proven ability to partner with Engineering teams to embed security without slowing delivery.
• Deep knowledge of SSDLC, secure coding, and cloud security (AWS preferred).
• Experience with AI/ML security considerations.
• Expertise in threat modeling and secure design reviews (STRIDE, PASTA, or equivalent).
• Familiarity with frameworks like OWASP, NIST, CSA.
• Excellent communication and leadership skills; fluent in English.
• Practical experience with security tools and cloud-native technologies.

Education Requirement

• A Bachelor’s degree or higher in Computer Science, Computer Engineering, Cybersecurity, or a related technical field, or the foreign equivalent, is required. The position requires the application of highly specialized knowledge in software security architecture, secure system design, and cloud-native security engineering.

Preferred (Nice-to-have):

• Exposure to FedRAMP or similar compliance frameworks.
• Interest in sharing knowledge (e.g., blogs, talks, open source contributions).
• Familiarity with security testing and research techniques.
• Experience improving security maturity in Agile or DevSecOps environments.
• Passion for mentoring engineers in secure design and development.

Location & Work Setup

Location
Salt Lake City, UT (primary work location), with hybrid onsite requirements.

Expectation: 3 days in office per week.

CyberArk is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. 

The salary range for this position is $150,000 – $205,000/year, plus equity or discretionary bonus, which will be based on the employee’s performance. Base pay may also vary considerably depending on job-related knowledge, skills, location and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits.