Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

The Cybersecurity Enterprise Architect reports directly to the Chief Information Security Officer and operates strategically at the enterprise level. This role influences cross-functional teams and senior leadership to define and implement scalable, secure architectures across global platforms; leads collaboration with other architects and business stakeholders to capture cybersecurity and business requirements, analyze cost-benefit considerations, review industry trends, and anticipate technology evolution to strengthen Black Duck’s cybersecurity posture and exceed customer expectations.

Key responsibilities:

Define enterprise network and cloud security architectures, including on-premises and SaaS solutions, with a focus on scalability, reliability, maintainability, interoperability, and supportability

Build strong, collaborative relationships with staff across IT, R&D, cloud operations, product management, and business development teams

Guide the integration of Black Duck solutions into diverse operating environments, ensuring seamless operation and security

Review and advise on security control designs, including authentication/authorization (authN/authZ), data protection, encryption, and secrets management

Design and architect complex non-functional features such as multitenancy, high availability, disaster recovery, and zero-downtime patching

Establish and promote adoption of common security patterns and best practices throughout the organization

Serve as a strategic thought leader, educating software engineers, mentoring product security champions, and influencing senior leadership on security needs and solutions

Key Qualifications & requirements:

The ideal candidate possesses strong leadership and technical abilities, keen business acumen, and the critical thinking skills required to challenge conventional practices and drive innovation while maintaining rigorous cybersecurity standards. The role requires initiative, the ability to ask challenging questions, and support for strategic decision-making.

10+ years of experience designing secure operating environments, including traditional on-premises, virtual, and cloud settings using a broad range of technologies

Demonstrated expertise in designing complex SaaS application and deployment architectures

In-depth knowledge of IT, network, and cloud vulnerabilities, as well as cybersecurity controls

Ability to evaluate Enterprise AI solutions and associated risks

Familiarity with cloud service providers such as AWS, Azure, and GCP

Experience with cloud databases and application-level encryption

Comprehensive understanding of standards and controls required for cybersecurity and compliance obligations, including ISO 27001, SOC 2 Type 2, and FedRAMP

Practical experience leveraging services and techniques (e.g., databases within VPC boundaries) to ensure robust data protection

Experience with DevOps and SaaS; proficiency with modern automation, build, and orchestration technologies to accelerate customer value in both public and private cloud environments

Innate understanding of performance, scalability, availability, and maintainability issues within complex software systems, especially those with high-volume data management requirements and strict SLAs at the enterprise or web scale

Working knowledge of authentication mechanisms such as OIDC, SAML, and identity federation

Strong grasp of network, application, and cloud security testing techniques

Excellent communication and technical leadership skills

Self-motivated and capable of working independently in complex technical environments

Ability to learn rapidly and adapt to new challenges
Bachelor’s degree in computer science or engineering required; advanced degree preferred

Pay Range$158,900—$190,000 USD

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.