Information Security Architect

The Information Security Architect is a senior technical leader responsible for defining and governing the enterprise security architecture at Summit Utilities. This role designs security frameworks, reference architectures, and technical standards that protect Summit’s digital assets, operational technology, and data across on-premises and cloud environments.

The Information Security Architect translates business and regulatory requirements into security architecture patterns, leads architecture reviews, conducts threat modeling, and ensures that security is designed into every system, application, and integration. This role partners closely with IT, engineering, compliance, and business leadership to balance risk mitigation with operational agility.

This position requires deep technical breadth across multiple security domains, a strategic mindset, strong communication skills, and the ability to influence across all levels of the organization.

• Lead architecture reviews for all major IT and engineering projects, ensuring security requirements are embedded from design through deployment.Conduct threat modeling and architecture risk assessments to identify design-level vulnerabilities and recommend mitigations.Develop and enforce security standards, guidelines, and design patterns for identity and access management (IAM), network segmentation, data protection, encryption, and API security.Own the security technology roadmap, evaluating emerging tools, platforms, and frameworks to strengthen Summit’s security posture.Partner with the Director of Information Security and GRC team to map technical controls to compliance frameworks (NIST CSF, C2M2, ISO 27001, SOC 2, PCI DSS, HIPAA).Advise on secure cloud architecture, including landing zone design, cloud security posture management (CSPM), and infrastructure-as-code (IaC) security guardrails.Design and govern Zero Trust architecture strategies, including micro-segmentation, least-privilege access, and continuous verification.Collaborate with enterprise architects, application teams, and infrastructure engineers to integrate security into CI/CD pipelines and DevSecOps practices.Mentor security engineers and analysts on architecture principles, secure design, and technical standards.Represent the security function in enterprise architecture governance boards, change advisory boards, and vendor evaluations.Stay current on threat landscape, emerging technologies (AI/ML security, quantum-safe cryptography), and evolving regulatory requirements to inform architecture decisions.

• Bachelor’s degree in computer science, Information Security, Engineering, or a related field is required. Master’s degree in Cybersecurity, Information Systems, or related discipline is strongly preferred.10+ years of progressive experience in information security, with at least 5 years focused on security architecture, engineering, or infrastructure design.Professional certifications required or strongly preferred: CISSP, CISSP-ISSAP, SABSA, TOGAF, or equivalent architecture credentials. Cloud security certifications (AWS Security Specialty, Azure Security Engineer, CCSP) are highly valued.Demonstrated experience designing enterprise security architectures for hybrid cloud environments, including IaaS, PaaS, and SaaS platforms.Proven track record of leading architecture reviews, threat modeling exercises, and security standards development in regulated industries (utilities, energy, or critical infrastructure preferred).

• Expert-level knowledge of security architecture frameworks (SABSA, TOGAF, NIST) and their practical application to enterprise IT environments.Deep understanding of cloud security architecture across AWS, Azure, and/or GCP, including identity federation, network security, data encryption, and workload protection.Strong expertise in identity and access management (IAM), privileged access management (PAM), Zero Trust principles, and federation/SSO technologies.

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified.

Summit offers competitive pay and medical/dental/vision and other benefits that provide flexibility, choice and support to our employees when they need it most. We understand that home and family are essential pieces of your life, and our benefits are designed to support you both at work and at home.

Summit Utilities, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status and will not be discriminated against on the basis of disability or veteran status.