As the Security Architect, you will provide hands-on security architecture support to our Retail business and technology teams. This role partners closely with Retail Technology, Product Architecture, Engineering, and Global Cybersecurity Services to ensure that security requirements are embedded into design decisions, delivery plans, and operational patterns without slowing product execution or over-engineering controls. The Architect will act as a trusted security architecture advisor, helping teams navigate risk, regulatory obligations, and modern architectural patterns across on-prem and cloud-enabled retail platforms.
Key Responsibilities Security Architecture & Design:
- Review and assess solution and platform architectures for retail systems, including application and API design, identity and access patterns, network segmentation and connectivity, and data protection and privacy controls.
- Identify security risks, design gaps, and control dependencies early in the lifecycle; recommend pragmatic mitigations.
- Define and promote security architecture patterns appropriate for retail and hybrid environments (on-prem, cloud-enabled, and distributed sites). Project & Delivery Support.
- Embed with project delivery teams to provide timely, actionable security input throughout discovery, design, build, and rollout.
- Participate in architecture reviews, design forums, and technical deep-dives; provide clear feedback and decision-ready recommendations.
- Support threat modeling and security risk assessments for new or changed capabilities.
- Partner with engineering to resolve findings pragmatically; balancing risk, cost, and delivery timelines. Governance & Standards Alignment
- Ensure designs align with security architecture principles, applicable regulatory and contractual obligations, and internal security control baselines.
- Contribute to architecture decision records (ADRs) and security review documentation.
- Support audit-ready documentation for design decisions, exceptions, and risk acceptance where required. Stakeholder Engagement
- Act as a bridge between security, retail technology, and product teams to drive shared outcomes.
- Clearly articulate security risks, options, and tradeoffs to both technical and non-technical stakeholders.
- •Provide guidance that enables teams to move forward confidently rather than blocking progress.
Qualifications:
- 8+ years of experience in security architecture or senior security engineering roles.
- Demonstrated experience supporting large-scale application or platform modernization programs.
- Strong understanding of application security architecture, identity and access management concepts, API and integration security, and network and infrastructure security (on-prem and cloud-connected).
- Experience operating in hybrid retail or distributed environments (e.g., stores/sites, terminals/endpoints, hybrid connectivity) strongly preferred. Technical & Architectural Skills.
- Ability to interpret and influence solution architecture diagrams and design artifacts; comfortable working with reference architectures and target-state roadmaps.
- Familiarity with secure SDLC practices, threat modeling techniques, and vulnerability and risk assessment methodologies.
- Comfortable advising on security controls and patterns without prescribing specific vendor tools unless necessary. Communication & Delivery
- Able to produce clear, concise security architecture documentation (reviews, recommendations, and decision records).
- Comfortable engaging with product managers, solution architects, engineers, and security and risk stakeholders.
- Pragmatic, delivery-oriented mindset with strong professional judgment. What Success Looks Like.
- Security requirements are embedded early in project designs and delivery plans.
- Delivery teams view security as an enabler, not a blocker.
- Architecture decisions are well-documented, risk-aware, and defensible.
- Retail platforms progress toward modernization with reduced rework and fewer late-stage security issues. Reporting & Alignment Reports directly to the CISO and works closely with the Global Cybersecurity Services teams. Day-to-day engagement is aligned to Retail Technology and project delivery leadership.