Security Architect

WHO WE ARE We’re not just a company — we’re a global force, fiercely committed to ensuring that everyone, everywhere, can live their digital lives safely. Our family of brands – Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner – unites the brightest minds, the sharpest technology, and the most diverse perspectives to protect over 500 million people worldwide. We’ve built an inclusive workplace where your well-being is a priority, because true success comes from balance and authenticity. When you’re thriving, you’re unstoppable. So bring your bold ideas and passion that never quits. The digital world isn’t some distant reality – it’s the world we live in, and we’re ready for it. If you’re ready to push boundaries and be part of something bigger, join #TeamGen. HOW WE WORK We’re a small, highly skilled security team ensuring our products, integrations, and policies remain  rock-solid, compliant, and ship-ready —without slowing innovation down. Our mission is to be pragmatic partners to product, SRE, and platform teams — finding the  safest path to “yes”  while helping engineers build securely and confidently. We work across the stack: from design and code reviews to cloud and network audits, from defining guardrails to mentoring teams on threat modeling and secure development. MISSION & GOALS As a  Security Engineer , you’ll play a pivotal role in  ensuring product resilience, compliance, and readiness  for release. You’ll partner closely with engineering and infrastructure teams to make sure security is integrated early — enabling fast, safe, and scalable development across all environments. Your goal: keep our systems secure and compliant  without slowing down builders , while driving a culture of continuous improvement and automation. OBJECTIVES Design & change reviews:  Assess new features, third-party integrations, and infrastructure changes; identify threats early and propose safe, pragmatic solutions. Firewall & network audits:  Streamline rule bases, segment wisely, and close side doors — then drive remediation to completion. Policies & reference architectures:  Write product-friendly, cloud-first guardrails that engineers actually adopt. Mentor & facilitate:  Lead threat-modeling workshops, code/infra walk-throughs, and brown-bags to grow security literacy across product, SRE, and platform. Continuous improvement:  Turn findings into dashboards, scripts, and CI/CD checks to automate our way to better. COMPETENCIES Technical toolkit Cloud & containers:  AWS/Azure/GCP security (IAM, KMS, policies), secure VPC/VNet design, Kubernetes/Docker hardening, image scanning, OPA/Gatekeeper. Network & perimeter:  NGFW, VPN, IDS/IPS, micro-segmentation, Zero-Trust models, packet analysis (Wireshark/tcpdump). Observability & detection:  Log pipelines (cloud on-prem), SIEM content (Splunk, ELK, Sentinel, KQL, Sigma). Secure SDLC / DevSecOps:  SAST/DAST, IaC scanning (Terraform Checkov/OPA), secrets management (Vault), CI/CD gating (GitHub Actions, GitLab CI). Threat modeling & ATT&CK:  STRIDE/LINDDUN workshops, reusable patterns, MITRE ATT&CK mapping. Identity & access:  OAuth2/OIDC, SAML, RBAC/ABAC, PAM, JIT, hardened MFA. Standards & compliance:  NIST CSF, CIS Benchmarks, ISO 27001, SOC 2, PCI-DSS, GDPR — translated into measurable cloud guardrails. Experience & mindset Solid background (5 years preferred; 3 if ambitious) in security engineering or architecture. Strong understanding of network and cloud security (AWS/Azure/GCP). Excellent communication — able to translate complex security concepts into actionable solutions. Mature, pragmatic, and collaborative approach — focused on solving problems, not chasing titles. Nice-to-have certifications: AWS Security Specialty, Azure Security Engineer, GCP Security Engineer, CISSP, CCSP, OSWE, OSCP. WHAT WE OFFER Annual bonus scheme Unlimited PTO and flexible working hours Opportunity to join a global tech company listed on the S&P 5 ... (truncated, view full listing at source)