Security Architect

Job Description

We are seeking a highly skilled Security Architect to lead and drive our on-premises business engagements. This is a customer-facing, hands-on technical role responsible for designing, deploying, and supporting enterprise-scale solutions in complex customer environments. You will serve as the trusted technical advisor for customers, bridging Customer Success, R&D, and Product Management, and acting as the voice of the customer within the organization.
You will help customers architect secure, scalable, and high-performing deployments, oversee complex upgrades, and ensure the overall success of on-premises implementations.

Key Responsibilities

• Serve as the primary technical point of contact for on-premises deployments and upgrades.
• Engage directly with customers to understand their infrastructure, security requirements, and business objectives.
• Architect and design on-premises deployments aligned with customer needs, best practices, and security principles.
• Drive deployment, integration, and optimization of platforms in customer environments.
• Perform and oversee complex upgrades, migrations, and architecture transformations.
• Act as the escalation point for on-premises technical and deployment challenges.
• Collaborate with R&D, Product, and Support teams to drive continuous improvement and provide structured customer feedback.
• Provide technical guidance and mentorship to Professional Services and support engineers.
• Support proof-of-concept activities, architectural review, and security validation with customers.
• Participate in post-deployment reviews to ensure reliability, performance, and compliance with best practices.
• Represent the voice of the customer to internal teams, influencing roadmap and product decisions.
• Develop and maintain documentation, reference architectures, and deployment methodologies for on-premises environments.

Job Responsibilities

Required Qualifications

• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related technical field.
• 7+ years of experience in cybersecurity, infrastructure, or solution architecture roles.
• Strong expertise in on-premises deployments, including servers, storage, virtualization, and networking.
• Deep understanding of security architectures, endpoint protection, and defense-in-depth concepts.
• Hands-on experience with Linux, Windows Server, and enterprise IT ecosystems.
• Proven ability to design and deliver complex, high-availability enterprise deployments.
• Excellent customer-facing communication skills, capable of translating technical solutions into business value.
• Experience working with Professional Services teams and managing customer escalations.
• Strong problem-solving and troubleshooting skills in mission-critical environments.
• Familiarity with agile project delivery and cross-functional collaboration.

Preferred Qualifications

• Master’s degree in Cybersecurity, Computer Science, or Engineering.
• Relevant certifications: CISSP, CSSLP, CCSP, OSCP, CEH, or similar.
• Experience with endpoint detection & response (EDR), SIEM, or threat intelligence platforms.
• Working knowledge of cloud and hybrid architectures.
• Understanding of security compliance frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.).
• Experience with DevOps/CI-CD processes for product deployment and upgrades.
• Scripting or programming familiarity (Python, Bash, PowerShell).
• Demonstrated ability to lead technical workshops, customer briefings, and architecture reviews.

Department/Project Description

The client is a product international company that provides a defence platform that enables development and security teams to protect critical workloads against emerging threats and undiscovered vulnerabilities with a lightweight agent that protects the organisation's public, private and hybrid cloud deployments on-premises data centres managed. In addition, it is an advanced endpoint detection and response platform, which gathers as much information as possible to detect and analyse complex threats while being as non-intrusive as possible, minimising the impact on the network and the endpoint.