Principal Enterprise Security Architect

About GLOBALFOUNDRIES:

GlobalFoundries (GF) is a semiconductor manufacturer that produces chips for various high-growth markets, including automotive, smart mobile devices, and communications infrastructure. The company operates global manufacturing facilities in the U.S., Europe, and Asia and is a "Trusted Foundry" for government security needs. GF was founded in 2009 from AMD's manufacturing operations and has since grown to be the third-largest semiconductor foundry by revenue.

Summary of role:

The Enterprise Security Architect will drive the design and governance of security architecture across enterprise IT platforms, including cloud, infrastructure, applications, and global operations. This role ensures that technology solutions are secure, resilient, compliant, and aligned with enterprise architecture standards. The architect will partner closely with operations, application, infrastructure, and delivery teams to embed security across digital transformation initiatives, hybrid connectivity, and business-critical systems, while strengthening detection and incident response capabilities.

Essential Responsibilities:

Enterprise IT & Cloud Security Architecture

• Define and maintain enterprise-wide security reference architectures and design patterns spanning cloud, infrastructure, networks, and applications.
• Guide secure design for data centers, SaaS adoption, ERP/business systems, and hybrid connectivity.
• Ensure identity and access management frameworks (Azure Entra ID, AWS IAM, Active Directory, SSO/Federation) are integrated and consistently applied across enterprise IT.
• Embed zero trust principles, micro segmentation, and least privilege across IT ecosystems.
• Provide architectural guidance for modernization initiatives, including cloud migrations, application refactoring, and secure data pipelines.

Security Governance & Risk

• Translate regulatory and compliance requirements (CMMC, NIST 800-171, ISO 27001, ITAR, FIPS 140-3) into actionable architecture controls.
• Conduct risk assessments across enterprise IT programs, recommending compensating controls where needed.
• Lead architecture reviews and serve as a key member of enterprise governance forums.
• Establish reusable patterns for encryption, logging, key management, and workload protection across IT and cloud environments.

Enterprise Integration, Operations & Incident Response

• Partner with operations and observability teams to embed logging, monitoring, and telemetry across platforms.
• Architect solutions that enable advanced threat detection, automated alerting, and forensic readiness.
• Ensure enterprise IT environments support effective incident response workflows, including evidence capture, log retention, and secure data exchange.
• Collaborate with SOC, IR, and threat hunting teams to align playbooks, detection rules, and adversary pursuit strategies with enterprise architecture.
• Support resilience by aligning security design with disaster recovery, continuity, and high-availability requirements.

Broader Enterprise Functions

• Provide security architecture leadership for enterprise initiatives such as ERP upgrades, manufacturing/OT integrations, workplace technologies, and global IT services.
• Partner with data and analytics teams to secure data platforms, reporting tools, and AI/ML workloads where applicable.
• Influence vendor evaluations and technology adoption to ensure alignment with enterprise security standards.
• Serve as a trusted advisor to senior IT and business stakeholders, balancing security, usability, and business outcomes.

Required Qualifications:

• 10+ years of experience in enterprise IT security, with 5+ years in architecture roles.
• Strong expertise in AWS and Azure security services (e.g., GuardDuty, Security Hub, Defender for Cloud, Key Vault, KMS, WAF).
• Deep knowledge of enterprise IT domains: networking, infrastructure, identity, applications, and data protection.
• Experience designing architectures that support detection, response, and recovery operations.
• Ability to bridge strategic vision with practical solution delivery.

Preferred qualifications:

• Professional certifications: AWS Security Specialty, Azure Security Engineer, CISSP, SABSA, or TOGAF.
• Experience with hybrid and multi-cloud architectures, Kubernetes security, ERP/application security, and secure data pipelines.
• Familiarity with DevSecOps, CI/CD security integration, and Infrastructure-as-Code.
• Exposure to OT/ICS environments and their integration with enterprise IT.
• Strong communication and executive presentation skills.

Expected Salary Range

$106,100.00 - $218,500.00

The exact Salary will be determined based on qualifications, experience and location.