Director - Security Architecture, Operations, and Engineering

<div class="content-intro"><p><span style="font-weight: 400;">Archer is an aerospace company based in San Jose, California building an all-electric vertical takeoff and landing aircraft with a mission to advance the benefits of sustainable air mobility. We are designing, manufacturing, and operating an all-electric aircraft that can carry four passengers while producing minimal noise.</span></p> <p><span style="font-weight: 400;">Our sights are set high and our problems are hard, and we believe that diversity in the workplace is what makes us smarter, drives better insights, and will ultimately lift us all to success. We are dedicated to cultivating an equitable and inclusive environment that embraces our differences, and supports and celebrates all of our team members.</span></p></div><p><strong>Director- Security Architecture, Operations, and Engineering</strong></p> <p><strong>Job Overview</strong></p> <p>We are seeking a Director of Security Architecture and Engineering to design and implement Archer's enterprise security infrastructure and technical vision. You are a strategic, hands-on technologist and an excellent communicator who can see the big picture. Reporting directly to the CISO, you will oversee the design and deployment of security architecture across identity, cloud, application, and infrastructure domains, while ensuring strict compliance with NIST SP 800-171, CMMC Level 2, SOX, and ITAR requirements. This role combines engineering excellence with security strategy, requiring deep technical expertise in modern security tools, architecture patterns, and the ability to translate business risks into technical requirements that all teams follow. You will collaborate with cloud, application, identity, and infrastructure teams to develop a unified, defense-in-depth security architecture that helps Archer maintain federal contractor eligibility, achieve operational agility, and scale confidently.</p> <p><strong>Key Responsibilities</strong></p> <ul> <li>Design and implement a unified Zero Trust Architecture (ZTA) that spans identity, network, cloud, application, and infrastructure domains, establishing architecture standards and guiding principles for all security domains across Archer.</li> <li>Lead the architecture and technical design of cloud security infrastructure (AWS, Azure, and GCP), including secure landing zones, network segmentation, encryption strategies, and shared security services (logging, threat detection, key management).</li> <li>Establish security control architecture aligned to NIST SP 800-171 and CMMC Level 2 frameworks, translating control requirements into technical solutions and engineering roadmaps across the enterprise.</li> <li>Design and oversee the implementation of identity and access management architecture (Okta, privileged access management, identity governance), ensuring scalability, auditability, and alignment to zero trust principles.</li> <li>Create and maintain security architecture blueprints and technical reference architectures (cloud, microservices, DevSecOps) that enable consistent, secure design across all engineering teams.</li> <li>Establish DevSecOps architecture and practices, including CI/CD security gates, infrastructure-as-code scanning, supply chain security, and automated compliance evidence collection integrated into the development pipeline.</li> <li>Lead security architecture reviews for major infrastructure, cloud, and application projects, ensuring security requirements are integrated early, and tradeoffs between security and business needs are documented.</li> <li>Drive the design and implementation of enterprise security tooling strategy (SIEM, CSPM, endpoint detection, threat intelligence), ensuring tools integrate seamlessly and reduce operational friction.</li> <li>Establish threat modeling and attack surface management practices across engineering teams, prioritizing investments based on residual risk and business impact.</li> <li>Mentor and lead secu ... (truncated, view full listing at source)