Cybersecurity Architect - Threat and Vulnerability Management (SaaS/Cloud)

TL;DR

Cybersecurity Architect - Threat and Vulnerability Management (SaaS/Cloud): Designing and evolving enterprise security architecture to defend against adversarial threats with an accent on secure-by-design principles and cloud-native environments. Focus on integrating Red and Blue team insights, developing threat models for SaaS ecosystems, and implementing Zero Trust maturity.

Location: Hybrid, based in Nashville, TN

Salary: $179,000 - $205,000

Company

Leading entertainment and sports agency with global expertise in media, talent representation, and digital media.

What you will do

• Design and evolve enterprise security architecture using secure-by-design principles for cloud-native and SaaS environments.
• Act as a liaison between Red and Blue teams to translate adversarial findings into architectural improvements and detection use cases.
• Plan and execute Purple Team exercises to validate security controls across infrastructure and SaaS platforms.
• Develop threat models for critical systems, including SaaS integrations, APIs, and identity flows.
• Drive detection engineering by mapping adversary TTPs via MITRE ATT&CK to logging and response capabilities.
• Conduct architecture risk assessments and provide remediation strategies aligned with business risk tolerance.

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, or equivalent professional experience.
• Must be based in or able to work hybrid from Nashville, TN.
• 7+ years of experience in cybersecurity, with 2–3 years in architecture or senior engineering roles.
• Hands-on experience in Cyber Threat and Offensive Security operations to validate security controls.
• Strong knowledge of cloud security (AWS, Azure, GCP) and enterprise network architectures.
• Proficiency in scripting with at least one of the following: Python, PowerShell, or JavaScript.

Nice to have

• Experience aligning threat management to frameworks such as MITRE ATT&CK, NIST CSF, ISO27001, or OWASP.
• Experience integrating SOAR, SIEM, and vulnerability scanning tools into a threat program.
• Knowledge of Zero Trust architecture and modern identity security practices.

Culture & Benefits

• Culture of collaboration and exceptional client service within a global organization.
• Eligible for comprehensive corporate benefits and a discretionary bonus.
• Opportunity to work at the intersection of offensive and defensive security in a high-profile agency environment.