KLA Sr Cybersecurity Architect 

United States, Michigan, Ann Arbor 

228203664

• DevSecOps Strategy & Implementation: Define and execute a DevSecOps roadmap that integrates security into CI/CD pipelines, Kubernetes, serverless applications, and AI-driven chatbot platforms

• Azure Chatbot Security: Implement secure AI and chatbot architectures in Azure, ensuring compliance with security standards, data protection, and access control.

• Databricks Security & Data Protection: Secure data lakes, ML models, and Databricks notebooks by implementing role-based access control (RBAC), encryption, and compliance monitoring

• Security Automation & Infrastructure as Code (IaC): Automate security controls using Terraform, Ansible, Bicep, and Azure Policy to enforce security in cloud-native deployments

• Azure Key Vault & Secrets Management: Design and implement secure identity and secrets management strategies, ensuring API keys, encryption keys, and credentials are properly managed.

• Digital Rights Management (DRM): Implement data protection, rights management, and access controls to ensure secure handling of intellectual property, digital assets, and sensitive data across applications and data platforms

• Cloud & Container Security: Establish best practices for securing containers, Kubernetes, microservices, and serverless functions, including runtime security and policy enforcement

• MITRE ATT&CK-Based Threat Modeling & Risk Management: Utilize MITRE ATT&CK techniques to enhance threat modeling, detection engineering, and security response strategies for applications, infrastructure, and data environments

• Zero Trust & API Security: Enforce security controls around OAuth, SAML, JWT, Zero Trust, and API gateways to secure applications, chatbot interactions, and Databricks data pipelines

• Security Monitoring & Incident Response: Leverage MITRE ATT&CK tactics to design threat hunting, detection, and response strategies using SIEM, XDR, and threat intelligence tools

• Compliance & Governance: Ensure DevSecOps implementations align with NIST, CSA, CIS, ISO 27001, and regulatory requirements (e.g., SOX, GDPR, CMMC, HIPAA)

• Collaboration & Training: Partner with development, IT, and security teams to build security awareness and advocate for secure coding, DevSecOps best practices, AI security, and data security

• Security certifications (CISSP, CSSLP, CCSP, CKS, OSCP, GCSA, or similar)

• Hands-on experience with CI/CD tools (Azure DevOps, GitHub Actions, GitLab CI/CD, Jenkins, ArgoCD, etc.)

• Expertise in Azure Security Services, including Azure Key Vault, Azure Sentinel, Defender for Cloud, and Security Center

• Experience securing AI-driven chatbot platforms (Azure Bot Service, OpenAI GPT, or similar)

• Strong knowledge of cloud security (Azure, AWS) and container security (Kubernetes, Istio, Docker)

• Experience securing Databricks workloads, data lakes, ML pipelines, and Spark environments

• Familiarity with Digital Rights Management (DRM) strategies for protecting sensitive assets

• Strong experience leveraging MITRE ATT&CK for threat modeling, detection engineering, and adversary simulation

• Experience implementing SAST, DAST, SCA, and RASP security solutions in DevOps workflows

• Familiarity with SOAR, SIEM, XDR, and threat intelligence tools

• Experience working with API security, OAuth2, JWT, SAML, and microservices security

• Strong understanding of secure coding principles, threat modeling, and OWASP Top 10

• Excellent communication skills to influence development teams, data engineering teams, and executive leadership

Minimum Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or equivalent experience in a related field

• Minimum five (5) years of experience in DevSecOps, cloud security, or cybersecurity architecture

• Hands-on expertise in securing cloud-based AI/chatbot solutions, data platforms (Databricks), CI/CD workflows, and software development

• Strong background in cloud security, automation, and compliance

• Ability to design scalable and secure application architectures

• Passion for fostering a security-first DevOps culture

. Please ensure that you have searched