CSafe
Cybersecurity Architect
The Cybersecurity Architect is responsible for designing, implementing, and maintaining secure architecture across the organization’s cloud environments, with a strong focus on Microsoft Azure. This role ensures that security is embedded in all aspects of identity, data, applications, and operations, aligning with Zero Trust principles and enterprise governance frameworks.
CSafe offers the most comprehensive suite of thermal shipping solutions for pharmaceutical cold chain shipping needs worldwide, ensuring patients receive the medicines and treatments they need. With operations in more than 70 locations, CSafe continues to deliver industry‑leading products and a client‑first focus, driven by curiosity, humility, accountability, and entrepreneurial spirit.
Key Responsibilities
Cloud Security Architecture and Engineering
Secure Azure architecture for cloud workloads, networking, data, and applications.
Implement Azure‑native security controls and patterns including: Identity and Access Security (Microsoft Entra ID, Conditional Access, MFA, PIM, PAW); Network Security (Azure Firewall, DDoS Protection, NSGs, Application Gateway (WAF), Private Link, Hub‑Spoke Topology); Data Security (Azure Key Vault, TDE, Always Encrypted, Confidential Computing); Threat Detection (Defender for Cloud, Endpoint, and Identity).
Design Zero Trust‑aligned architectures based on the Azure Security Benchmark, Cloud Adoption Framework (CAF), and Microsoft’s Enterprise‑Scale Reference Architectures.
Embed “security by design” into DevOps and CI/CD pipelines using automation, policy‑as‑code, and continuous compliance.
Integration and Collaboration
Partner with Enterprise Architecture and DevOps teams to implement security within Azure DevOps and GitHub pipelines.
Collaborate with external Managed Detection and Response partners to align detection, response, and identity/device security practices.
Governance, Risk, and Compliance (GRC)
Develop and maintain cloud security governance frameworks aligned to NIST Cybersecurity Framework, Azure Security Benchmark, and CIS Controls.
Define and enforce Azure Policy and Blueprints for compliance automation and regulatory reporting (NIST 800‑53, ISO 27001, SOC 2, etc.).
Lead security risk assessments and threat modeling for new Azure workloads and services.
Support audits, remediation plans, and continuous improvement of Microsoft Secure Score and overall maturity.
Innovation and Continuous Improvement
Evaluate emerging Azure and AI‑based security technologies to strengthen detection, response, and automation.
Drive architecture improvements that reduce vulnerabilities, minimize attack surface, and optimize cloud posture.
Promote best practices through documentation, training, and architecture reviews.
Qualifications
Bachelor’s degree in Information Security, Computer Science, or related field.
7+ years of experience in cybersecurity architecture, with 3+ years focused on Microsoft Azure security.
Deep expertise in Azure‑native security services and Zero Trust design.
Hands‑on experience with Defender for Cloud, Azure Policy, Entra ID, and Azure Firewall.
Microsoft Certifications
Microsoft Certified: Cybersecurity Architect Expert (SC‑100)
Microsoft Certified: Azure Solutions Architect Expert (AZ‑305)
Strong understanding of NIST CSF, CIS Controls, and Cloud Adoption Framework.
Benefits
Paid Time OFF (PTO) starting at 25 days & Paid Holidays
Medical, Dental and Vision Insurance
401(k) with Employer Match
Group Life & Disability
Health Spending Account Options
Identity Protection
Employee Assistance Program
Travel Assistance Program
Financial Wellness Program
Tuition Reimbursement
Referral Program
Hybrid Work Options
An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
#J-18808-Ljbffr