Senior Staff Security Architect

Business Area:

IT

Seniority Level:

Mid-Senior level

Job Description: 

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry.  Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

Cloudera is seeking a highly experienced Senior Staff Security Architect (IC5) to lead the strategic design and risk management of our hybrid IT environment, including on-premises data centers, cloud platforms (AWS, Azure, GCP), and an evolving AI landscape. This role serves as a senior technical authority and the primary owner of Security Architecture Reviews (SARs), responsible for evaluating complex designs and defining security standards across network, identity, application, data, and AI domains.

In addition to core security architecture responsibilities, this role will define security guardrails for AI coding agents, LLM integrations, and autonomous assistants, partnering closely with IT Operations, Product Security, and Data Science teams to ensure innovation is delivered in a secure, risk-aware manner. The Staff Security Architect operates as a technical leader and mentor, translating architectural decisions into clear risk outcomes and durable security patterns.

As a Sr. Staff Security Architect, you will:

• Security Architecture & Strategy: Lead the design and evolution of security architecture across hybrid environments, ensuring security by design is embedded into on-prem, cloud, application, data, and AI-enabled systems.

• Security Architecture Reviews (SARs): Serve as the primary authority for Security Architecture Reviews, evaluating new platforms, services, vendors, and architectural changes to identify material risk and define secure design patterns aligned with enterprise standards.

• Cloud & Platform Security: Define and maintain a consistent security posture across AWS, Azure, and GCP, including identity architecture, network segmentation, workload isolation, logging, and secure integration with on-premises environments.

• Application & Data Security: Assess application architectures and data flows to identify security risks related to access control, data protection, trust boundaries, and dependency management, including modern cloud-native and AI-enabled applications.

• AI Security & Risk Governance: Define security guardrails for AI-enabled capabilities, including LLM integrations, coding assistants, and automation platforms. Conduct targeted risk assessments focused on data exposure, misuse, and model interaction risks as part of broader architecture reviews.

• Zero Trust & Identity Architecture: Lead identity and access architecture initiatives, including Zero Trust principles and lifecycle management for human and non-human identities, ensuring consistent enforcement across hybrid environments.

• Threat Modeling & Risk Analysis: Drive threat modeling and architectural risk analysis for complex systems, identifying cross-domain risks spanning network, identity, application, cloud, and AI components.

• Security Automation & Guardrails: Promote security-as-code approaches by defining and enforcing architectural guardrails through automation (e.g., Terraform, policy-as-code, Python) to ensure consistency and scalability.

• Technical Leadership & Mentorship: Act as a senior technical leader and mentor, influencing engineering teams through expertise, design guidance, and risk-based decision-making rather than direct authority.

• Policy Translation & Standards: Translate regulatory and framework requirements (e.g., NIST AI RMF, ISO 27001) into clear security requirements and enforceable architectural standards.

We are excited about you if you have:

• Experience: 10+ years of progressive experience in cybersecurity, with at least 5 years specifically in a Security Architect or Staff-level capacity.

• AI Security Expertise: Proven understanding of LLM security risks (OWASP Top 10 for LLMs), including training data poisoning and insecure output handling. Experience vetting AI agents for enterprise use is required.

• Cloud Mastery: Hands-on experience securing multi-cloud environments (AWS, Azure, and GCP) with a focus on identity federation.

• Technical Lead Persona: Demonstrable experience leading complex, multi-departmental technical projects and mentoring senior staff.

• Framework Fluency: Deep familiarity with the NIST AI Risk Management Framework (AI RMF).

• Automation Skills: Proficient in scripting (Python, Bash) or Infrastructure as Code (Terraform) to enforce standards.

• Communication: Exceptional ability to explain high-level risk to C-suite executives while remaining "in the weeds" with developers.

• Certifications: CISSP-ISSAP (Architecture), CCSP, or specialized Cloud/AI security certifications are highly desirable.

This role is not eligible for immigration sponsorship

What you can expect from us:

• Generous PTO Policy 

• Support work life balance with Unplugged Days

• Flexible WFH Policy 

• Mental & Physical Wellness programs 

• Phone and Internet Reimbursement program 

• Access to Continued Career Development 

• Comprehensive Benefits and Competitive Packages 

• Paid Volunteer Time

• Employee Resource Groups

EEO/VEVRAA

#LI-REMOTE