Platform Security Architect

The Company

NorthMark Compute & Cloud (NMC²) is backed by dedicated leadership and investment, with a clear mission as it operates at the bleeding edge of technology. Its goal is to scale and enhance the high-performance computing (HPC) and cloud infrastructure that supports its clients' research, production, and delivery, enabling breakthroughs that shape the industries of tomorrow. Its engineers build critical infrastructure to eliminate friction in scientific research, simulations, analysis, and decision-making, accelerating discovery and driving faster innovation.

The Position

The Platform Security Architect will partner with internal stakeholders (on-prem & cloud), customer teams, and CISO / security groups to define policies / controls; They will help implement security controls across the platform SDLC stack, CI / CD pipelines, and infrastructure. This role will help ensure compliance / policy adherence, and security operational excellence.

This role will provide guidance and ensure that security is embedded into every stage of software delivery, while enabling engineering teams to adopt best practices and tools. Expertise in pipelines and public cloud, for protecting workloads across hybrid environments.

Responsibilities :

• Architect and design end-to-end security for the SDLC stack (repos, pipelines, artifact registries, deployment tooling).
• Secure CI / CD pipelines : implement code scanning, dependency checks, artifact signing, and secrets management.
• Establish Security best-practices in Public Cloud and on-prem infrastructure with guidance on enforcement
• Partner with external security teams to align and enforce policies and controls.
• Establish policy-as-code frameworks for automated compliance.
• Define and partner with DevSecOps teams to implement network security controls using service mesh, eBPF, and Cilium (network policies, L7 visibility, workload isolation).
• Define and govern identity and access management models for platform and service workloads.
• Drive adoption of DevSecOps tooling across engineering teams, ensuring frictionless integration into delivery workflows.
• Define audit, logging, and compliance mechanisms across all pipelines and services.
• Design framework / tooling to prove the meeting of security requirements for nmc2 with separation of duties for High Integrity environments
• Drive Tracking and reporting of risks being raised against teams and ensuring completion on time
• Provide security-focused ADRs (Architecture Decision Records) to capture architectural rationale.
• Coach engineering teams on secure design, threat modeling, and best practices.

Requirements :

It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.

Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Benefits & Perks :

EQUAL OPPORTUNITY EMPLOYER

NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.