Senior Lead Cloud Security Architect
Company: Cox Automotive
Location: Smyrna
Posted on: July 15, 2025
|
|
|
Job Description:
The Senior Lead Cybersecurity Architect is responsible for
defining the principles, standards, and design patterns to build
secure products and enterprise tools for all of Cox Automotive's
multi-cloud and on-premises environments. This position's
architecture focus is on securing multi-cloud infrastructure and
services and on-premises infrastructure. Peer cybersecurity
architects will be focused on application security, software as a
service (SaaS), and network security. This role will use their deep
cybersecurity knowledge in the designing and building of secure
infrastructure and services in both multi-cloud and on-premises
environments. They must be able to collaborate with
cross-functional teams throughout the organization and propose
well-defined cybersecurity architectural guidelines to be adopted
by product and enterprise engineering teams. This role will
directly report to the Senior Director of Cybersecurity
Architecture at Cox Automotive. Primary Responsibilities Identify
and recommend relevant cybersecurity policies, standards,
procedures, and guardrails. Drive the definition of cybersecurity
guidelines across the product and enterprise architecture group by
leading working groups focused on cybersecurity. Develop secure
design patterns in conjunction with the product and enterprise
architecture group based on standards that can be adopted and
implemented by engineering teams. Contribute to the development of
non-cyber architecture-related governance patterns, policies, and
standards. Provides complex analysis of potential risks to
information systems' security and recommends innovative solutions.
Work with cross-functional technical, development and delivery
teams to ensure the application of smooth, efficient and scalable
release processes. Engage with business teams and engineering teams
to define cybersecurity guardrails that promote efficient and
seamless adoption of secure design patterns. Participate in
security events and incident response to identify gaps in current
design and propose solutions to prevent threats from reoccurring.
Research and evaluate emerging security trends, threats, and
technologies, and recommend appropriate solutions and enhancements.
Collaborate with data users, software and other technical
stakeholders to ensure security considerations are factored into
and underpin development and operational decision making.
Collaborate with cybersecurity peers to incorporate vulnerability
management, governance, risk and compliance, cyber defense,
continuous controls monitoring, and identity governance into
cybersecurity standards as a cohesive cybersecurity organization.
Minimum Qualifications Bachelor's degree in a related discipline
and 8 years of experience in a related field. The right candidate
could also have a different combination, such as a master's degree
and 6 years of experience; a Ph.D. and 3 years of experience in a
related field; or 12 years' experience in a related field. At least
4 years focused on cybersecurity. Must have practical expertise in
AWS cloud infrastructure and services and on-premises
infrastructure. Clearly articulate the objective of specific
cybersecurity policies and procedures to technical and
non-technical stakeholders. Excellent customer service skills,
writing, and executive presentation skills. Develop a strong and
productive working environment with key stakeholders and
collaborate closely with other Cox entities' cybersecurity teams to
implement cybersecurity best practices. Consultative nature to work
through controversial or complex topics to employees, leaders,
and/or senior leadership. Evaluate risks and recommend actions
based on impact and likelihood of the risk to the business.
Knowledge of current cybersecurity and technology architectures
such as zero trust, IaaS, PaaS, SaaS, virtualization, and
containerization. Creatively solving complex cybersecurity
challenges while exhibiting solid, pragmatic business acumen.
Experience utilizing Agile methodologies. Initiating change and
deploying solutions in Fortune 1000 companies. Knowledge of
cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and
industry relevant regulations that will guide architectural
requirements (e.g., GDPR, FFIEC, GLBA). Preferred Qualifications
Experience in the development and design of cybersecurity standard
methodologies to all layers of the hosting and application stack in
both cloud and on-premises environments. Relevant experience with
application security, SaaS, network security, DevSecOps, and
software-defined networking across a variety of environments and
deployments. Knowledge of Identity and Access Management (IAM),
cryptography / key management, secrets management, access controls
and security protocols (e.g., multi-factor, SAML, OAuth, OIDC).
Experience with application security implementations and standard
methodologies. Extensive technology knowledge and recognized
expertise in several areas including Python, .NET, Java, Spring
frameworks, Oracle, serverless, cloud patterns, cloud service and
user authentication or similar. Experience with firewall, web
application firewalls, and other edge services as well as deep
understanding of DMZ and other network architectures. AWS
Well-Architected Framework. Experience establishing a strategy for
and implementing cloud enterprise solutions in AWS, GCP, or Azure.
A strong understanding of cloud containers and/or serverless
platforms (e.g., EKS, ECS, Lambda, Fargate). Big four consulting or
Fortune 500 company experience. Relevant industry certification
(e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA). USD 144,900.00 -
241,500.00 per year Compensation: Compensation includes a base
salary of $144,900.00 - $241,500.00. The base salary may vary
within the anticipated base pay range based on factors such as the
ultimate location of the position and the selected candidate's
knowledge, skills, and abilities. Position may be eligible for
additional compensation that may include an incentive program.
Benefits: The Company offers eligible employees the flexibility to
take as much vacation with pay as they deem consistent with their
duties, the company's needs, and its obligations; seven paid
holidays throughout the calendar year; and up to 160 hours of paid
wellness annually for their own wellness or that of family members.
Employees are also eligible for additional paid time off in the
form of bereavement leave, time off to vote, jury duty leave,
volunteer time off, military leave, and parental leave. Applicants
must currently be authorized to work in the United States for any
employer without current or future sponsorship.
Keywords: Cox Automotive, North Atlanta , Senior Lead Cloud Security Architect, IT / Software / Systems , Smyrna, Georgia
