Security Architect

Security Architect 

The Opportunity 

As a Security Architect at Commvault, you will help secure the design and deployment of third-party and internal solutions across our internal environment and platforms. This role is hands-on and forward-looking, centered on identifying and mitigating security risks while enabling innovation at scale. 

As a member of the Security Architecture team you will partner closely with Enterprise Architecture, Security Engineering, and Cloud Security teams to conduct security reviews, define enterprise standards, and recommend improvements for new applications, solutions, and the overall Commvault enterprise environment. 

What You’ll Do 

• Identify and assess security risks across applications, networks, cloud architectures, identity platforms, and supporting infrastructure. 

• Evaluate third‑party platforms, SaaS applications, and integrations for security and compliance risks. 

• Collaborate with GRC, IT, and Eng teams to define, document, and implement enterprise security standards to meet regulatory, contractual, and internal governance requirements 

• Provide architectural guidance on secure network segmentation, zero trust design patterns, data protection mechanisms, access control models, and secure system configuration. 

• Establish and perform security design reviews and threat modeling for new or updated systems, applications, and integrations. 

• Assess cloud-native deployments and cloud architectures (AWS, Azure, GCP) to ensure alignment with security best practices and organizational standards. 

• Monitor emerging threats, vulnerabilities, and security technologies and translate them into actionable architecture improvements. 

 

Who You Are 

• 5+ years of experience in information security, product security, or security engineering roles 

• Strong ability to communicate and collaborate with both technical stakeholders and leadership across engineering, product, IT, and legal teams 

• Strong, structured writing ability needed to conduct security reviews  

• Working knowledge of common security frameworks (ISO, NIST, PCI-DSS, CIS, MITRE Attack Framework) and ability to apply these principles in practice 

• Strong understanding of: 

• Application security fundamentals, secure SDLC, and common application threat vectors 

• Network security standards and architectures, including firewalling, segmentation, VPNs, zero trust, IDS/IPS, web filtering, and encryption 

• IAM standards, including SSO, MFA, OAuth 2.0, OIDC, SAML, RBAC/ABAC, and privileged access patterns 

• Active Directory, Entra ID (Azure AD), directory services, identity federation, conditional access, and authentication hardening 

• Server configuration and hardening for both Linux and Windows systems 

• Securing hybrid cloud architecture and cloud-native services 

• Knowledge of modern threat modeling and risk assessment techniques. 

• Comfortable collaborating with engineering, data science, and product teams. 

• Able to translate complex technical security risks into practical guidance.