Job Description Summary
We are seeking a Principal Cybersecurity Architect – Application & Data to serve as a senior technical leader responsible for securing enterprise applications, data platforms, and digital services across cloud and hybrid environments.This role will partner with application teams, data engineering, and platform teams to ensure that security is built into application design, development, and data lifecycle management from inception. The architect will play a critical role in enforcing secure-by-design principles, supporting architecture reviews (e.g., BASE), and defining enterprise security patterns for modern application stacks.
You will lead the development of security strategies for enterprise applications, APIs, SaaS platforms (including M365), and data platforms such as Databricks, while ensuring alignment with enterprise policy, regulatory requirements, and Zero Trust principles.
Job Description
Key Responsibilities
Application Security Architecture & Governance
- Lead security architecture reviews for enterprise applications, APIs, and SaaS integrations to ensure alignment with security standards and policies
- Identify risks, control gaps, and non-compliant patterns across application and integration architectures
- Define required application security controls across the SDLC
- Provide architecture approvals, conditional approvals, and remediation guidance
- Publish Risk Assessment Reports that include threats and mitigating controls aligned to GEV policies and standards.
Data Security & Platform Protection
- Define security architecture for data platforms (e.g., Databricks), data lakes, and analytics environments
- Establish controls for data classification, encryption, access governance, and secure data sharing
- Ensure protection of sensitive data (PII, confidential, regulated) across storage, processing, and transmission
- Partner with data engineering teams to implement secure data pipelines and controls
Secure-by-Design & Threat Modeling
- Lead threat modeling and risk analysis for applications, APIs, and data platforms using industry frameworks (e.g., MITRE ATT&CK, OWASP)
- Define and enforce secure design patterns for applications and integrations
- Ensure security controls are incorporated early in architecture and design phases
SaaS & M365 Security Architecture
- Define secure integration patterns for M365, Microsoft Graph API, and SaaS platforms
- Review application permissions, identity models, and data access controls for SaaS integrations
- Ensure compliance with enterprise identity, access management, and governance standards
Application & Platform Security Controls
- Define enterprise standards for application security including:
- Authentication and authorization (SSO, federation, least privilege)
- API security and gateway patterns
- Secrets management and secure configuration
- Vulnerability management and secure coding practices
- Ensure implementation of controls across CI/CD pipelines, cloud-native services, and microservices architectures
- Collaborate with engineering teams to embed controls into automated pipelines
Reusable Security Patterns & Enablement
- Create and publish reusable application and data security patterns to standardize secure deployments
- Enable adoption of standard patterns to reduce risk and accelerate delivery
- Drive consistency across application security reviews and implementations
Technical Leadership & Enterprise Influence
- Serve as a subject matter expert in application and data security architecture
- Partner with cross-functional teams (App Dev, Data Engineering, Cloud, IAM, GRC)
- Mentor architects and engineers on secure development and architecture practices
- Influence enterprise security strategy for modern application platforms and data ecosystems
Required Qualifications
- 10+ years of cybersecurity experience with strong focus on application and data security architecture
- 3+ years in senior/principal-level architecture roles in large enterprise environments
- Deep expertise in application security (AppSec), including secure SDLC, API security, and microservices security
- Experience securing data platforms (e.g., Databricks, data lakes, analytics platforms)
- Strong understanding of SaaS security (M365, APIs, Graph integrations)
- Experience with threat modeling frameworks (MITRE ATT&CK, OWASP)
- Knowledge of identity and access management (IAM), SSO, and federation
- Proven experience defining enterprise security standards, patterns, and architectures
- Strong communication and stakeholder influence skills
Preferred Qualifications
- Experience supporting enterprise architecture review processes (e.g., BASE)
- Experience with cloud-native application architectures (AWS, Azure) and container platforms
- Familiarity with DevSecOps, CI/CD security tooling, and IaC security scanning
- Knowledge of data governance, privacy, and regulatory compliance frameworks
- Certifications such as:
- CISSP, CCSP
- CSSLP (Certified Secure Software Lifecycle Professional)
- Cloud or data security certifications
- Experience in hybrid IT/OT or regulated environments
Additional Information
GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
Originally posted on