Cybersecurity Architect

At HDR, our employee-owners are fully engaged in creating a welcoming environment where each of us is valued and respected, a place where everyone is empowered to bring their authentic selves and novel ideas to work every day. As we foster a culture of inclusion throughout our company and within our communities, we constantly ask ourselves: What is our impact on the world?

Watch Our Story:' https://www.hdrinc.com/our-story'

Each and every role throughout our organization makes a difference in our ability to change the world for the better. Read further to learn how you could help make great things possible not only in your community, but around the world.

Ready to help define the future of HDR's technology landscape?

About the Role

As a Cybersecurity Architect, you will work closely with the Director of IT Architecture and fellow architects to establish, evolve, and govern HDR's enterprise security architecture. Reporting within the IT Architecture pillar, you will partner closely with the Director of Cybersecurity and cybersecurity leadership to ensure our long-term technology roadmaps are inherently resilient and aligned with the firm's risk posture. You will partner with operational technology leaders, corporate IT teams, and business stakeholders to design secure, resilient, and costeffective security capabilities that protect HDR's people, data, and platforms-supporting HDR's longterm business strategy. While our Cybersecurity GRC team manages the governance and audit requirements, you will define the technical architectural patterns that make those requirements a reality.

This is a strategic architecture role, not a security engineering or operations position. You will influence decisions, design targetstate security architectures, and guide teams as HDR advances its Zero Trust and cybersecurity maturity across identity, data, applications, infrastructure, and networks. You will be a key advocate for shifting security "left" by integrating DevSecOps principles into our infrastructure and software delivery lifecycles, ensuring that our systems are "Secure-by-Design."

What You'll Do

Architecture & Strategy

* Define enterprise security architectures and roadmaps aligned to HDR's technology vision and risk posture.

* Establish reference architectures and technical guardrails that satisfy NIST 800-171/53 and CMMC Level 2 frameworks without hindering business velocity.

* Design DevSecOps patterns that automate security within CI/CD pipelines and infrastructure-as-code (IaC) workflows.

* Provide architectural leadership for modernization initiatives.

Governance & Oversight

* Contribute architectural expertise to security governance processes.

* Review proposed solutions for alignment with architectural standards.

* Serve as an expert advisor to IT Operations, Security, and other teams.

Collaboration & Leadership Influence

* Advise leaders and technical teams on cybersecurity maturity.

* Translate complex risks and compliance requirements into actionable architectural guidance.

* Partner with operations teams on transition and sustainability plans.

What This Role Is / Is Not

This role is NOT:

* A handson incident responder, SOC analyst, or penetration tester role

* A junior or entrylevel engineering position

* A role focused solely on operating existing security tools or tickets

* A software development role

This role IS:

* Architectural, strategic, crossfunctional, and enterpriselevel

* Focused on longterm strategy and modernization efforts

* Suited for someone who thrives in designing and guiding modern solutions

Preferred Qualifications

* Relevant certifications such as SC100, AZ500, AZ305, CISSP, CCSP, or SABSA.

* Demonstrated depth across identity, data, application, endpoint, network, and cloud security.

* Strong working knowledge of NIST 800-171/53 and CMMC Level 2 frameworks as they apply to architectural design

* Experience defining reference architectures and control mappings.

* Strong communication and influence skills.

* Demonstrated depth across identity, data, application, endpoint, network, and cloud security.

* Understanding of how to integrate security guardrails into automated deployment pipelines.

#LI-KV1