We support Swiss SMEs in their international business and help innovative foreign companies to establish in Switzerland.
Principal Cybersecurity Architect – Application & Data
Location
United States
Posted
1 day ago
Salary
$145.4K - $242.4K / year
Seniority
Lead
Job Description
Principal Cybersecurity Architect – Application & Data
Switzerland Global Enterprise
• serve as a senior technical leader responsible for securing enterprise applications, data platforms, and digital services across cloud and hybrid environments • partner with application teams, data engineering, and platform teams to ensure that security is built into application design, development, and data lifecycle management from inception • lead the development of security strategies for enterprise applications, APIs, SaaS platforms (including M365), and data platforms such as Databricks • ensure alignment with enterprise policy, regulatory requirements, and Zero Trust principles • lead security architecture reviews for enterprise applications, APIs, and SaaS integrations to ensure alignment with security standards and policies • identify risks, control gaps, and non-compliant patterns across application and integration architectures • define required application security controls across the SDLC • provide architecture approvals, conditional approvals, and remediation guidance • publish Risk Assessment Reports that include threats and mitigating controls aligned to GEV policies and standards • define security architecture for data platforms (e.g., Databricks), data lakes, and analytics environments • establish controls for data classification, encryption, access governance, and secure data sharing • partner with data engineering teams to implement secure data pipelines and controls • lead threat modeling and risk analysis for applications, APIs, and data platforms using industry frameworks (e.g., MITRE ATT&CK, OWASP) • define and enforce secure design patterns for applications and integrations • ensure security controls are incorporated early in architecture and design phases • define secure integration patterns for M365, Microsoft Graph API, and SaaS platforms • review application permissions, identity models, and data access controls for SaaS integrations • ensure compliance with enterprise identity, access management, and governance standards
Job Requirements
- 10+ years of cybersecurity experience with strong focus on application and data security architecture
- 3+ years in senior/principal-level architecture roles in large enterprise environments
- Deep expertise in application security (AppSec), including secure SDLC, API security, and microservices security
- Experience securing data platforms (e.g., Databricks, data lakes, analytics platforms)
- Strong understanding of SaaS security (M365, APIs, Graph integrations)
- Experience with threat modeling frameworks (MITRE ATT&CK, OWASP)
- Knowledge of identity and access management (IAM), SSO, and federation
- Proven experience defining enterprise security standards, patterns, and architectures
- Strong communication and stakeholder influence skills
Benefits
- medical, dental, vision, and prescription drug coverage
- access to Health Coach from GE Vernova, a 24/7 nurse-based resource
- access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services
- GE Vernova Retirement Savings Plan
- tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions
- access to Fidelity resources and financial planning consultants
- tuition assistance
- adoption assistance
- paid parental leave
- disability benefits
- life insurance
- 12 paid holidays
- permissive time off
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Design and implement security measures to protect company data from unauthorized access, disclosure, and misuse. • Partner closely with the Detection & Response team to maintain full visibility into enterprise access, networks, and devices. • Deploy and manage security tools across Discord's corporate infrastructure. • Establish security standards that provide strong protection while enabling smooth workflows. • Develop and deliver security awareness training for employees. • Shape and enforce Discord's IT and security policies. • Build secure, sustainable environments using modern principles like "secure by design" and “zero-trust” network architecture, without relying on traditional VPN setups. • Foster a security-conscious culture by guiding employees on data protection best practices. • Partner cross-functionally with IT, Engineering, Workplace, and other teams to achieve security objectives
• Deliver major features and architectural improvements across the Add-ons stack, including automated moderation pipelines, Reviewer tools, and DevHub. • Create robust observability systems and data-backed insights. • Provide peer feedback, share knowledge and help others grow. • Improve platform reliability through deployments, monitoring, and incident response. • Help keep the platform safe and trustworthy, with attention to security and user trust. • Step in to resolve issues impacting users and developers, from small bugs to larger incidents. • Collaborate with designers, product managers, QA, and community contributors to deliver end-to-end improvements. • Contribute in the open through pull requests, code reviews, and discussions.
Senior Product Security Engineer
Climb Channel Solutions NAA different breed of specialty technology distributor. #ClimbWithUs
• Provide leadership in the Product Security Program • Understand current product security state and define future strategies • Promote security architecture in product strategy • Conduct security architecture reviews • Perform Threat Modeling and document product risks • Maintain and mature Product Security tooling • Conduct code reviews and provide guidance on vulnerability management • Provide mentorship to team members
Cybersecurity Engineer
Logistics Management InstituteLMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.
Role Description We’re looking for a Cybersecurity Engineer to support the secure deployment and continuous authorization of IronSled, an enterprise Platform as a Service built for federal missions. You’ll join a small, high-visibility team and own the security work that lets IronSled reach production, maintaining the ATO posture, driving vulnerability management, and partnering with cyber stakeholders to keep the platform compliant as it evolves. This is hands-on cyber engineering, not paper compliance. You’ll work alongside platform engineers, ISSOs, and the security team to harden deployments, validate controls, and resolve findings against real systems. If you want to do federal cybersecurity in an environment that ships fast and treats security as part of the product, keep reading. IronSled is LMI’s DevSecOps platform that serves as the central hub for all software development projects. IronSled allows internal and external users to set up development environments with just a few clicks. Responsibilities - Lead Risk Management Framework (RMF) activities for the LIGER deployment, including system categorization, control selection and tailoring, implementation, assessment, and continuous monitoring. - Own and maintain authorization artifacts: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting documentation aligned to DHS requirements. - Coordinate directly with ISSOs, Authorizing Officials, and cyber working groups to advance ATO and continuous authorization activities. - Interpret NIST 800-53 controls in the context of the LIGER platform and translate them into actionable engineering requirements. - Run and review vulnerability scans across CI/CD pipelines and runtime environments, triage findings, and drive remediation through the engineering team. - Validate secure configurations and hardening baselines (e.g., CIS Benchmarks, DISA STIGs) on containers, hosts, and cloud resources. - Partner with platform engineers on cloud and container security in AWS GovCloud, including IAM, network controls, secrets management, logging, and runtime protection. - Develop and maintain security policies, procedures, and standard operating procedures (SOPs) specific to LIGER on customer infrastructure. - Track audit findings, remediation actions, and POA&M items to closure. - Support FedRAMP-aligned control implementation and inheritance where applicable. - Advise senior LIGER and leadership on system risk levels, control effectiveness, and emerging compliance considerations for AI/LLM systems in federal environments. Qualifications - Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field. - 5+ years of experience designing, implementing, and monitoring cybersecurity solutions in federal environments. - 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53. - CISSP, CISM, or equivalent senior-level cybersecurity certification. - Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls. - Strong working knowledge of cloud security, particularly AWS, with experience in GovCloud or similar high-compliance environments. - Experience with vulnerability management workflows: scanning, triage, remediation tracking, and reporting. - Experience hardening systems against secure baselines such as CIS Benchmarks or DISA STIGs. - Familiarity with secure software development practices: secrets management, access control, auditability, and CI/CD pipeline security. - Strong written communication skills, including the ability to produce ATO artifacts that hold up to assessor and AO review. - Ability to translate compliance requirements into specific engineering work and partner closely with developers. What Will Set You Apart - Direct experience supporting ATO or continuous authorization for systems hosted at DHS, or another DHS component. - Familiarity with DHS 4300A and cybersecurity policies and processes. - FedRAMP readiness or assessment experience (Moderate or High). - Hands-on container and Kubernetes security experience (e.g., EKS, image scanning, admission control, runtime protection). - DevSecOps experience integrating security scanning into GitLab CI/CD pipelines. - Experience with vulnerability management platforms such as Tenable. - Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar). - Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements. Salary Information Target salary range: $111,427 - $200,000 The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.



