Senior Security Architect

About Nerdio

At Nerdio, our mission is to simplify the lives of IT professionals and maximize their Microsoft cloud and end user computing investments. 

We support organizations of all sizes looking to deploy, manage, and cost-optimize native Microsoft technologies. We partner with Enterprises and Managed Service Providers all over the world to add value on top of their existing native Microsoft investments like Azure Virtual Desktop (AVD), Windows 365, and Microsoft Intune. 

Created in 2016, Nerdio has always taken a market-leading and collaborative approach to cloud deployment and management. In fact, our product roadmap is greatly influenced by the regular feedback we receive from having seen companies deploy AVD into production environments several thousand times using Nerdio technology. 

Today, Nerdio is used in over 50 countries by more than 15,000 organizations of every size and vertical. We’re committed to delivering exceptional service and support, which starts with identifying and supporting the best staff possible. 

We are a fast-moving, nimble company looking for individuals who are collaborative, empathetic, driven and who love to move at the speed of light. If you want to be part of the AVD transformation that Microsoft and Nerdio are leading, then we want to speak with you.

About the role

We are seeking a deeply experienced and future-focused Senior Security Architect to lead secure design across cloud infrastructure, API integrations, supply chain workflows, and AI-driven product initiatives. This role is not just about securing today's architecture—it requires anticipating tomorrow's threats. The ideal candidate brings both architectural rigor and a continuous learning mindset, capable of navigating the complex intersection of cloud-native infrastructure, secure development pipelines, sensitive data governance, and post-quantum cryptography readiness. You will partner across security, product, platform, and governance functions to ensure our systems are built with trust, resilience, and strategic foresight. 

What you'll do

• Define and lead security architecture across Azure-native infrastructure, APIs, SaaS integrations, and internal platforms. 

• Conduct threat modeling and architectural reviews of high-trust data flows, including internal APIs, client connectivity, and AI model interaction boundaries. 

• Guide engineering and product teams on secure development practices, privacy-preserving architectures, and separation of environments where AI or LLMs may operate. 

• Own the security architecture in response to supply chain threats, including code signing validation, third-party dependency review, and CI/CD control hardening. 

• Collaborate with both product development and product security to establish reference architectures, trust boundaries, and control models for new solutions across modern and emerging stacks. 

• Lead evaluations and strategy for cryptographic protocols (TLS 1.3+, quantum-safe algorithms), including integration into existing pipelines and long-term transition planning. 

• Partner with governance, legal, and engineering teams to ensure proprietary and client data is not exposed through model training or AI augmentation pipelines. 

• Maintain fluency in Azure Entra ID, Key Vault, Policy, workload identities, and runtime security controls. 

• Support incident response and lead post-incident architectural reviews to identify systemic design weaknesses and implement resilient fixes. 

• Mentor and influence senior technical stakeholders, enabling clarity around risks, controls, and design tradeoffs under business constraints. 

Qualifications

• 12+ years in security architecture, engineering, or platform design roles with increasing complexity and leadership scope. 

• Deep expertise in securing Azure-native and hybrid environments, including advanced identity models, policy enforcement, and API gateways. 

• Demonstrated experience managing architectural risk in high-complexity, high-trust ecosystems (e.g., financial systems, AI-powered platforms, software supply chains). 

• Proven ability to address AI-specific security risks, including secure model interaction boundaries, data leakage prevention, and governance layering. 

• Familiarity with the current state and emerging landscape of post-quantum cryptography, encryption standards, and TLS evolution. 

• Strong command of modern software development, CI/CD pipelines, infrastructure-as-code (Terraform or Bicep), and application security fundamentals. 

• Effective communicator with the ability to translate architectural and cryptographic complexity into business-aligned decisions. 

• Recognized for strategic influence, hands-on expertise, and ability to unify multiple teams around scalable, auditable, and secure designs. 

• Bachelor's or Master’s in Computer Science, Information Security, or a related field; advanced certifications preferred (e.g., CISSP-ISSAP, Azure Solutions Architect Expert, CCSK, or SABSA). 

Key Competencies

• Architect-level fluency across cloud, cryptography, and application security domains. 

• Relentless learner—actively tracks AI risk evolution, supply chain attack patterns, and control breakthroughs. 

• Confident advising at the board, engineering, and product level. 

• Comfortable designing in ambiguity—always grounded in threat-consequence pairings and real-world tradeoffs. 

• Skilled in balancing autonomy and influence across product, platform, security, and compliance teams. 

Benefits and Incentives

• Competitive Base + Incentive Plan
• Stock Options
• Health and Welfare Plans*
• Life and Disability Plans*
• Retirement Plan*
• Unlimited Flexible Paid Time Off......including your birthday off!
• Collaborative Team Culture

* Benefits for international employees, outside the US, vary by country. 

Nerdio is committed to a diverse and inclusive workplace. Nerdio is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.