Security Architect

We're looking for aSenior Security Architect to join our team in Spain in a remote working mode, with work hours overlapping until 3 PM EST. This long-term role involves leading security architecture efforts and implementing advanced cybersecurity platforms for a global financial organization. You will play a key role in designing, deploying, and enhancing security controls across infrastructure, applications, endpoints and cloud systems, ensuring enterprise-wide confidentiality, integrity and availability.

This is your opportunity to work on mission-critical cybersecurity architecture initiatives that safeguard financial systems at a global scale, leveraging cutting-edge security platforms and zero-trust principles.

Responsibilities

• Design and implement security architectures for network, cloud, and endpoint platforms, ensuring alignment with reference standards and regulatory requirements
• Configure, deploy and manage enterprise security tools, including EPP, EDR, XDR, CWPP for multi-OS environments and containerized platforms
• Provide security hardening, vulnerability remediation plans, and automated security integration with development pipelines (DevSecOps)
• Integrate and optimize SIEM and Security Log Management platforms (e.g., Splunk, LogRhythm, Sentinel)
• Oversee Network Detection & Response (NDR) deployment and tuning for advanced traffic and threat analysis
• Collaborate with Information Security Governance teams to maintain secure baseline configurations across infrastructure layers
• Support or lead security tool upgrades, introducing new technologies to improve threat detection and response
• Define architectural requirements and detailed procedures for tool selection, placement, and integration across cloud and on-prem environments
• Work closely with MSPs, monitoring output vs SLAs for operational security services
• Contribute to KPI, KRI and SLA metrics reporting for security programs
• Lead capacity monitoring design and automation for scaling enterprise security platforms

Requirements

• Extensive hands-on experience in security engineering and cybersecurity architecture within enterprise environments
• Proven expertise in Endpoint and Cloud Workload Protection (Windows/Linux/MacOS, EPP, EDR, CWPP)
• Proven expertise in SIEM and log management (Splunk or equivalent)
• Proven expertise in network and cloud security foundations; NDR tools such as Darktrace, Vectra AI, and ExtraHop preferred
• Proven expertise in database and application security (IBM Guardium, Oracle Data Safe)
• Strong knowledge of DevSecOps practices, automation frameworks and toolchains (Azure DevOps, Jenkins, Git, Maven, Nexus)
• Practical experience with scripting languages (e.g., PowerShell, Python, Bash) for automation and integration
• Familiarity with PKI best practices, certificate/key management and security orchestration (SOAR)
• Ability to respond to security incidents, zero-day threat scenarios and advanced enterprise attack vectors
• Excellent problem-solving, decision-making and stakeholder engagement skills
• Fluent English; excellent written and verbal communication

Nice to Have

• Experience supervising upgrades of enterprise security technology stacks
• Exposure to capacity monitoring, scaling automation and AIOps-driven observability solutions
• Knowledge of ITIL processes and MSP governance practices
• Relevant security certifications (e.g., CISSP, CISM, CISA, CCSK)