Information Security Architect

<p><em>Please Note: This is a Utah-based hybrid position which will require some regular in-office days each week. Additionally, employment with BambooHR is contingent on passing both a background and credit check.&nbsp;</em></p> <p><strong></strong></p> <p><strong>AI at BambooHR<br></strong>At BambooHR, we’re all about setting people free to do great work, and we believe AI is a powerful partner in that mission. We’re leaning into intelligent tools to streamline our workflows, giving us more time for high-impact innovation. We look for curious, forward-thinking people who are ready to explore how AI can elevate their work and help us reimagine the future of HR.</p> <p><strong></strong></p> <p><strong>Essential Job Duties</strong></p> <p><span id="popover-trigger-:r2j:" class="chakra-text css-bcri66"><span data-offset-key="7fgqa-0-0"><span data-text="true">The Information Security Architect will lead hands-on security architecture design across BambooHR’s cloud environment and corporate information systems, partnering with engineering, IT, and security teams to embed security into platforms, processes, and day-to-day technology decisions.</span></span></span> <span id="popover-trigger-:r2l:" class="chakra-text css-bcri66"><span data-offset-key="7fgqa-2-0"><span data-text="true">A typical day includes leading architecture and design reviews, defining secure cloud and corporate security patterns, advising on identity and data protection strategies, and guiding teams through complex security tradeoffs to enable secure, scalable delivery.</span></span></span></p> <p><span class="chakra-text css-bcri66">The Information Security Architect will own outcomes across cloud and corporate security architecture, delivering scalable designs, standards, and measurable risk reduction. This role operates with a high degree of autonomy and influence, partnering across engineering, IT, product, and security to embed security into how BambooHR designs, builds, and operates.</span></p> <p>You will:</p> <ul> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-reset public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="5f9a0-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="5f9a0-0-0"><span id="popover-trigger-:r2n:" class="chakra-text css-bcri66"><span data-offset-key="5f9a0-0-0"><span data-text="true">Lead the design and evolution of security architecture across cloud infrastructure, SaaS platforms, and corporate information systems, ensuring solutions are secure-by-design, scalable, and operationally sustainable.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="fjvfg-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="fjvfg-0-0"><span id="popover-trigger-:r2p:" class="chakra-text css-bcri66"><span data-offset-key="fjvfg-0-0"><span data-text="true">Own and maintain security architecture standards, reference architectures, and secure design patterns spanning identity and access management, data protection, logging/telemetry, endpoint security, and third-party integrations.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="4lbpl-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="4lbpl-0-0"><span id="popover-trigger-:r2r:" class="chakra-text css-bcri66"><span data-offset-key="4lbpl-0-0"><span data-text="true">Conduct and lead security architecture reviews for new systems, material changes, vendor tools, and integrations; document decisions, required control outcomes, and implementation guidance that teams can execute.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="fv958-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="fv958-0-0"><span id="popover-trigger-:r2t:" class="chakra-text css-bcri66"><span data-offset-key="fv958-0-0"><span data-text="true">Drive threat modeling and architectural risk assessments for strategic initiatives; translate findings into prioritized remediation plans and architecture improvements that balance risk reduction with usability and delivery velocity.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="fi40e-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="fi40e-0-0"><span id="popover-trigger-:r2v:" class="chakra-text css-bcri66"><span data-offset-key="fi40e-0-0"><span data-text="true">Define and validate cloud security control expectations, including IAM, network segmentation, encryption and key management, secrets management, centralized logging, and least-privilege access models; validate adoption through partnership with engineering and IT.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="5t4u0-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="5t4u0-0-0"><span id="popover-trigger-:r31:" class="chakra-text css-bcri66"><span data-offset-key="5t4u0-0-0"><span data-text="true">Influence detection and response architecture in collaboration with SecOps to improve visibility, telemetry quality, and response </span></span></span><span id="popover-trigger-:r33:" class="chakra-text css-1j6t0d7"><span data-offset-key="5t4u0-1-0"><span data-text="true">effectiveness</span></span></span><span id="popover-trigger-:r35:" class="chakra-text css-bcri66"><span data-offset-key="5t4u0-2-0"><span data-text="true">; support investigations by providing architectural context and remediation guidance as needed.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="c4elm-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="c4elm-0-0"><span data-offset-key="c4elm-0-0"><span data-text="true">Partner with Security Engineering, Application Security, Security Operations, and GRC to ensure security controls are consistently designed and implemented across prevention, detection, response, and governance/audit domains (e.g., SOC 2, ISO 27001, and customer requirements).</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="6kft7-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="6kft7-0-0"><span id="popover-trigger-:r37:" class="chakra-text css-bcri66"><span data-offset-key="6kft7-0-0"><span data-text="true">Create clear and accessible architecture documentation (standards, diagrams, patterns, decision records) and communicate security tradeoffs </span></span></span><span id="popover-trigger-:r39:" class="chakra-text css-1j6t0d7"><span data-offset-key="6kft7-1-0"><span data-text="true">effectively</span></span></span><span id="popover-trigger-:r3b:" class="chakra-text css-bcri66"><span data-offset-key="6kft7-2-0"><span data-text="true"> to both technical and non-technical stakeholders.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="e872a-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="e872a-0-0"><span id="popover-trigger-:r3d:" class="chakra-text css-bcri66"><span data-offset-key="e872a-0-0"><span data-text="true">Mentor and guide security practitioners and cross-functional partners by improving shared </span></span></span><span id="popover-trigger-:r3f:" class="chakra-text css-8zk7oi"><span data-offset-key="e872a-1-0"><span data-text="true">understanding</span></span></span><span id="popover-trigger-:r3h:" class="chakra-text css-bcri66"><span data-offset-key="e872a-2-0"><span data-text="true">, raising architectural maturity, and promoting consistent adoption of security patterns and secure-by-default approaches.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="9lh14-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="9lh14-0-0"><span id="popover-trigger-:r3j:" class="chakra-text css-bcri66"><span data-offset-key="9lh14-0-0"><span data-text="true">Demonstrate an AI-forward mindset and proficiency by actively using AI tools to improve productivity, quality, and decision-making in security architecture and engineering workflows, and be able to speak to real-world examples of using AI to conduct work and to design and implement </span></span></span><span id="popover-trigger-:r3l:" class="chakra-text css-1j6t0d7"><span data-offset-key="9lh14-1-0"><span data-text="true">practical</span></span></span><span id="popover-trigger-:r3n:" class="chakra-text css-bcri66"><span data-offset-key="9lh14-2-0"><span data-text="true">, secure solutions (e.g., accelerating architecture documentation, threat modeling, control validation, detection </span></span></span><span id="popover-trigger-:r3p:" class="chakra-text css-1j6t0d7"><span data-offset-key="9lh14-3-0"><span data-text="true">logic</span></span></span><span id="popover-trigger-:r3r:" class="chakra-text css-bcri66"><span data-offset-key="9lh14-4-0"><span data-text="true"> development, policy/standard drafting, or automating analysis).</span></span></span></div> </li> </ul> <p><strong>What You Need to Get the Job Done</strong></p> <ul> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-reset public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="6hfjj-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="6hfjj-0-0"><span data-offset-key="6hfjj-0-0"><span data-text="true">Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent professional experience.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="c8j69-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="c8j69-0-0"><span data-offset-key="c8j69-0-0"><span data-text="true">6–7+ years of hands-on experience in information security, security engineering, cloud security, or closely related roles.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="4mvlm-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="4mvlm-0-0"><span data-offset-key="4mvlm-0-0"><span data-text="true">Demonstrated experience leading security architecture or design decisions for production cloud and/or corporate environments.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="bf85t-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="bf85t-0-0"><span id="popover-trigger-:r3t:" class="chakra-text css-1j6t0d7"><span data-offset-key="bf85t-0-0"><span data-text="true">Strong</span></span></span><span data-offset-key="bf85t-1-0"><span data-text="true"> working knowledge of at least one major cloud platform (AWS, Azure, or GCP), including IAM, networking, encryption, key management, and logging.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="3n1mr-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="3n1mr-0-0"><span id="popover-trigger-:r3v:" class="chakra-text css-1j6t0d7"><span data-offset-key="3n1mr-0-0"><span data-text="true">Practical</span></span></span><span data-offset-key="3n1mr-1-0"><span data-text="true"> experience across corporate security domains such as identity and access management, endpoint security, SaaS governance, and data protection.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="b0mci-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="b0mci-0-0"><span data-offset-key="b0mci-0-0"><span data-text="true">Ability to </span></span><span id="popover-trigger-:r41:" class="chakra-text css-1j6t0d7"><span data-offset-key="b0mci-1-0"><span data-text="true">independently</span></span></span><span data-offset-key="b0mci-2-0"><span data-text="true"> assess risk, define security control objectives, and translate them into clear architectural guidance and implementation requirements.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="7i47f-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="7i47f-0-0"><span data-offset-key="7i47f-0-0"><span data-text="true">Ability to drive architectural consistency across diverse cloud and corporate systems with varying ownership and constraints.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="dgmms-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="dgmms-0-0"><span data-offset-key="dgmms-0-0"><span data-text="true">Experience balancing security risk reduction with delivery </span></span><span id="popover-trigger-:r43:" class="chakra-text css-1j6t0d7"><span data-offset-key="dgmms-1-0"><span data-text="true">speed</span></span></span><span data-offset-key="dgmms-2-0"><span data-text="true">, usability, and operational realities.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="30akb-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="30akb-0-0"><span id="popover-trigger-:r45:" class="chakra-text css-1j6t0d7"><span data-offset-key="30akb-0-0"><span data-text="true">Excellent</span></span></span><span data-offset-key="30akb-1-0"><span data-text="true"> written and verbal communication skills, with the ability to influence and align technical and non-technical stakeholders.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="ecpii-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="ecpii-0-0"><span id="popover-trigger-:r47:" class="chakra-text css-1j6t0d7"><span data-offset-key="ecpii-0-0"><span data-text="true">Strong</span></span></span><span data-offset-key="ecpii-1-0"><span data-text="true"> organizational and prioritization skills; ability to manage multiple initiatives in a </span></span><span id="popover-trigger-:r49:" class="chakra-text css-1j6t0d7"><span data-offset-key="ecpii-2-0"><span data-text="true">fast-paced</span></span></span><span data-offset-key="ecpii-3-0"><span data-text="true"> environment.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="6rqf9-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="6rqf9-0-0"><span data-offset-key="6rqf9-0-0"><span data-text="true">Experience in a SaaS or cloud-first organization.</span></span></div> </li> </ul> <p><strong>What Will Make Us REALLY Love You&nbsp;</strong></p> <ul> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-reset public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="cb358-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="cb358-0-0"><span data-offset-key="cb358-0-0"><span data-text="true">Experience supporting SOC 2, ISO 27001, and customer security assessments.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="eg7as-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="eg7as-0-0"><span id="popover-trigger-:r4d:" class="chakra-text css-bcri66"><span data-offset-key="eg7as-0-0"><span data-text="true">Familiarity with infrastructure-as-code, CI/CD pipelines, and cloud-native architectures.</span></span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="d6jj3-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="d6jj3-0-0"><span data-offset-key="d6jj3-0-0"><span data-text="true">Experience with SSO/IdP platforms, MDM/endpoint management tools, and modern SaaS security controls.</span></span></div> </li> <li class="public-DraftStyleDefault-unorderedListItem public-DraftStyleDefault-depth0 public-DraftStyleDefault-listLTR" data-block="true" data-editor="6ipu0" data-offset-key="55qju-0-0"> <div class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr" data-offset-key="55qju-0-0"><span data-offset-key="55qju-0-0"><span data-text="true">Security certifications such as AWS Security Specialty, CCSK, SSCP, CISSP (Associate or full), or equivalent.</span></span></div> </li> </ul> <p><strong>What You'll Love About Us</strong></p> <ul> <li>A<a href="https://www.greatplacetowork.com/certified-company/5003334">&nbsp;Great Company Culture</a>&nbsp;that has been recognized by multiple organizations like<a href="https://www.inc.com/profile/bamboohr">&nbsp;Inc</a>, and<a href="https://topworkplaces.com/company/bamboohr-llc/saltlake/">&nbsp;Salt Lake Tribune</a></li> <li>Comprehensive health, life, and disability insurance&nbsp;</li> <li>Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life</li> <li>401k plans with up to 6% company match</li> <li>$2000 Paid-Paid Vacation bonus</li> <li>EAP through Headspace</li> <li>Check out all our<a href="https://www.bamboohr.com/careers/benefits">&nbsp;benefits that benefit you&nbsp;</a></li> </ul><div class="content-conclusion"><p>&nbsp;</p> <p><strong>About Us</strong></p> <p>At BambooHR, we're building something different: we're building a people intelligence platform that transforms HR and sets people free to do great work! We're a proven market leader driving innovation while building lasting success through thoughtful, sustainable growth. Here, you'll find a place that champions growth: both professional and personal, both individual and collective.&nbsp;</p> <p>We invest in potential, giving you the space to stretch your capabilities and turn good ideas into reality while providing the safety net of a supportive, values-driven culture. Our approach combines meaningful work with meaningful lives, offering competitive benefits, professional development, and the flexibility to thrive both in and outside the office.&nbsp;</p> <p>What sets us apart isn't just what we do, but how we do it: with openness, integrity, and a shared commitment to doing the right thing. Join us in creating HR software that makes work better for everyone, while we make work better for you.</p> <p><a href="http://www.greatplacetowork.com/certified-company/5003334" target="_blank"><img style="display: block; margin-left: auto; margin-right: auto; max-width: 100%;" src="https://www.greatplacetowork.com/images/profiles/5003334/companyBadge.png" alt="Review" width="169"></a></p> <p><em><strong data-stringify-type="bold">BambooHR is committed to the full inclusion of all qualified individuals and will ensure that persons with disabilities are provided reasonable accommodations throughout the hiring process.&nbsp; If you would like to request accommodations, please let your recruiter know.</strong></em></p> <p><strong><em>BambooHR is An Equal Opportunity Employer--M/F/D/V<br></em></strong><strong><em>Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.</em></strong></p> <p><strong><em>For information on California Privacy Policy, <a href="https://www.bamboohr.com/legal/california-privacy-notice" target="_blank">click here</a>.</em></strong></p> <p><strong><em><em data-stringify-type="italic">Our process utilizes AI as an assistant to efficiently process and analyze candidate data. Recruiters and hiring managers maintain full oversight and accountability, ensuring that all final selection and rejection decisions are human-made and based solely on objective job qualifications. Please see our <a href="https://www.bamboohr.com/legal/privacy-policy" target="_blank">General Privacy Notice</a> and <a href="https://www.bamboohr.com/legal/california-privacy-notice" target="_blank">California Privacy Notice</a> for more details.</em></em></strong></p> <p><strong><em>See our <a href="https://www.bamboohr.com/about-bamboohr/careers/ai-guidelines-for-candidates" target="_blank">AI Guidelines for Candidates</a> for details on how BambooHR uses AI in recruiting, how we expect candidates to use AI, and what is not allowed.&nbsp;</em></strong></p></div>