Security Architect (Central - Product Security)

Company Description

About CyberArk:
CyberArk (NASDAQ: CYBR), is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on Twitter, LinkedIn or Facebook.

Job Description

As a Security Architect within our Engineering Security, Security Architecture team, you will play a pivotal role in enhancing and maintaining the security posture of our organization. You will provide governance and guidance on security measures in product development and operations, ensuring our products and systems are robust and resilient against threats.

As a member of the Engineering Security team in R&D, you will be a part of a diverse, cross-company product security group in Engineering, continuously raising the security bar and enhancing the Engineering security posture. Providing guidance to Engineering and Product Management on defining and prioritizing the development of secure product offerings.

This role requires a security professional who is also a thought leader with deep technical expertise and a passion for mentoring others.

• Provide governance and guidance on security measures in product development and operations.
• Lead cross-functional security initiatives and oversee the implementation of security policies.
• Define and promote cross-company security best practices and cloud security architectures.
• Establish and maintain secure development guidelines and standards.
• Govern and participate in threat modeling, design reviews, and code reviews to ensure security standards are met.
• Deliver training sessions and security awareness activities to engineering teams.
• Lead and guide product incident response efforts, ensuring timely and effective resolution.
• Review and update security policies to align with evolving threats and organizational needs.
• Support internal and external penetration testing services.

#LI-OS1

Qualifications

• 6+ years of software development experience and 5+ years in software security.
• Proven leadership experience, with a focus on security architecture in R&D environments.
• Expertise in secure development practices, SSDLC, and cloud security (AWS preferred).
• Experience with threat modeling, risk management, and conducting security reviews.
• Familiarity with security frameworks (OWASP, NIST, CSA) and identity management systems (Active Directory, SAML, LDAP).
• Ability to think like an attacker to anticipate security threats.
• Fluent in English, with strong communication, presentation, and leadership skills.
• Hands-on experience with security tools and infrastructure security.

How you will stand out from the crowd: 

• Security or Solution Architect certifications.
• Experience speaking at security conferences.
• Practical knowledge of security testing and research.
• Experience with Agile development methodologies.