Senior Enterprise Security Architect & Automation Engineer

Florida, Inc
Tallahassee, United States of America
14 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 110K

Job location

Tallahassee, United States of America

Tech stack

Microsoft Windows
API
Artificial Intelligence
Business Software
Software as a Service
Cloud Computing
Configuration Management
Code Review
CompTIA Security+
Computer Security
Information Systems
Computer Engineering
Continuous Integration
Data Security
Programming Tools
Digital Forensics
Issue Tracking Systems
Information Technology Operations
Internet Protocol
IPv4
Information Systems Security Architecture Professional
Microsoft Networking
Systems Development Life Cycle
Cloud Services
Software Deployment
Software Engineering
Data Streaming
Systems Integration
Workflow Management Systems
Data Logging
Enterprise Software Applications
Delivery Pipeline
Software Security
Cyber Threat Analysis
Kubernetes
Information Technology
Network Server
Security Orchestration, Automation & Response
Static Application Security Testing
Dynamic Application Security Testing

Job description

The Senior Enterprise Security Architect and Automation Engineer (SSAE) serves as a senior technical leader within the Office of Information Security and is responsible for advancing the technical maturity of SBA's enterprise security architecture, security engineering capabilities, and security automation program. The incumbent evaluates enterprise systems, infrastructure, cloud services, applications, data flows, and software delivery pipelines to identify architectural weaknesses, control gaps, integration opportunities, and operational inefficiencies. The role designs, implements, and continuously improves security technologies, automation workflows, and engineering processes that strengthen prevention, detection, response, resilience, and secure adoption of emerging technologies, including AI-enabled operations.

The incumbent works closely with Information Technology, application owners, infrastructure teams, development resources, vendors, and internal stakeholders to define secure architecture patterns, embed security into technology workflows, improve remediation velocity, and enable scalable security operations. Unlike a primarily operational analyst role, this position is expected to independently lead technical design, engineering, integration, and automation initiatives across the enterprise.

30% - Enterprise Security Architecture and Engineering

  • Assesses SBA's enterprise architecture, including infrastructure, cloud platforms, business applications, identity systems, data flows, integration points, and administrative workflows, to identify security risks, design weaknesses, and opportunities for control enhancement
  • Evaluates current and proposed technologies for alignment with SBA security requirements, architectural standards, resilience objectives, and operational efficiency goals
  • Develops and maintains security architecture patterns, technical standards, reference designs, and implementation guidance for enterprise systems and services
  • Partners with Information Technology and business stakeholders to incorporate security requirements into infrastructure modernization, system integration, application deployment, and operational change initiatives
  • Recommends and designs enhancements to improve segmentation, hardening, privileged access controls, logging, secure administration, and resilience across enterprise environments

30% - Security Automation and Orchestration

  • Designs, implements, and improves automated security workflows to reduce manual effort, increase consistency, and accelerate remediation
  • Leads implementation of automated vulnerability patching and secure configuration update processes, in coordination with infrastructure, endpoint, server, and platform owners
  • Identifies opportunities to integrate security tools, IT operations platforms, ticketing systems, logging platforms, identity systems, development tools, and asset repositories to streamline workflows and improve operational visibility
  • Engineers automation routines, scripts, orchestration logic, and system integrations to support repeatable security operations, control validation, evidence collection, reporting, and response actions
  • Works with OIS leadership to define automation priorities that improve mean time to detect, mean time to respond, remediation cycle times, and control reliability

20% - AI-Enabled Security Operations and Advanced Technical Capability

  • Evaluates, designs, and helps implement technologies and workflows that support AI-enabled security operations, including enrichment, correlation, prioritization, workflow acceleration, analyst support, and secure use of AI within security processes
  • Assesses architectural and governance implications of emerging AI technologies used within the enterprise and within security operations
  • Recommends technical safeguards, integration controls, and oversight mechanisms for AI-related tooling, data access, and workflow design in coordination with OIS leadership and relevant stakeholders
  • Supports development of an adaptable technical stack that enables modern security operations without compromising governance, confidentiality, or operational control

15% - Secure SDLC, CI/CD, and Application Security Enablement

  • In coordination with the Director of Applications Development, assesses SBA's software development lifecycle and CI/CD processes to identify security gaps and opportunities for earlier and more automated control enforcement
  • Implements, improves, or coordinates static application security testing, dynamic application security testing, software composition analysis, secret scanning, infrastructure as code scanning, and software bill of materials capabilities, as appropriate to SBA's environment
  • Defines secure pipeline requirements and promotes integration of security checks into build, test, release, and deployment workflows
  • Partners with developers, administrators, and solution owners to reduce code and dependency risk, improve remediation processes, and strengthen supply chain assurance
  • Establishes processes for tracking findings, validating remediation, and reporting on application security posture

05% - Performs other duties as assigned

Requirements

Do you have experience in Writing skills?, Do you have a Bachelor's degree?, Five years of related experience. A postsecondary degree may be used as an alternative for years of direct experience.

Preferences:

  • A bachelor's degree from an accredited college or university in cybersecurity, digital forensics, computer science, computer engineering, management information systems, or a related field

Verifiable experience conducting the following:

  • Experience designing or assessing enterprise security architecture across hybrid environments
  • Experience implementing security engineering controls in cloud, SaaS, infrastructure, identity, and application environments
  • Experience evaluating or securing CI/CD pipelines and software development workflows
  • Experience implementing or managing SAST, DAST, SCA, SBOM, secrets scanning, infrastructure-as-code scanning, or related application security tooling
  • Experience automating security operations, patching, configuration management, workflow orchestration, or control validation
  • Experience integrating security platforms, IT operations tools, ticketing systems, and identity/data sources through APIs, scripts, or orchestration platforms
  • Experience assessing or implementing AI-enabled operational workflows in a controlled enterprise environment

One or more of the following certifications:

  • CompTIA Security+, CompTIA CySA, EC-Council Cybersecurity Analyst (E|CSA), Certified Ethical Hacker (CEH), Certified Incident Handler (CIH), Certified in Cybersecurity (CC), Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security-related or relevant IT certifications

Knowledge, Skills and Abilities:

  • Knowledge of information security best practices
  • Knowledge of the principals of social engineering
  • Knowledge of emerging cybersecurity threats, vulnerabilities, and attack techniques through continuous research and study
  • Knowledge of Microsoft Windows operating systems for workstations and servers
  • Knowledge of Microsoft networking
  • Knowledge of IPv4
  • Knowledge of IP protocol and networks
  • Expert skill in complex problem solving
  • Skill in critical thinking, logic, and reasoning
  • Skill in time management and adhering to project schedules
  • Skill in efficiently utilizing available resources and establishing priorities
  • Ability to work with minimal guidance and accountability
  • Ability to quickly learn new tools and techniques to keep up with technology's rapid change
  • Ability to perform as a team player committed to working with technical and non-technical peers
  • Ability to express ideas clearly, both verbally and in writing
  • Ability to establish and follow processes and procedures

Apply for this position