Professional Services Security Architect

Job Description: • The Professional Services Security Architect is the premier technical and strategic authority within the Professional Services organization. • This role is responsible for designing enterprise-scale security architectures and leading the delivery of complex Tenable One projects. • As a PS leader, they bridge the gap between technical rigor and business growth, serving as a "Trusted Advisor" to C-suite clients while driving pre-sales activities and business development. • Beyond client delivery, this role spearheads internal technical excellence by mentoring the delivery team and their involvement in the Professional Services Training Academy to ensure global consistency and quality. • Partner with Sales and Services Account Management to validate technical discovery, perform needs analysis, and architect custom solutions for high-value enterprise accounts. • Validate the technical scope and effort of complex Statements of Work (SOWs), ensuring technical requirements align with the client’s business objectives and Exposure Management maturity goals. • Identify further revenue opportunities during engagements by identifying gaps in the client’s security ecosystem and recommending high-value service enhancements. • Act as a subject matter expert (SME) to client leadership, translating complex security data into strategic risk-reduction roadmaps. • Spearhead the design and implementation of robust security architectures for Tenable One projects, ensuring seamless integration with ITSM, CMDB, SIEM, and Cloud environments. • Lead large-scale, strategic project delivery teams from initiation to completion, ensuring all billable results exceed client expectations, while maintaining balanced theater-wide coverage across pre-sales validation and internal mentoring. • Develop and maintain standards, architectural governance, and design patterns for the global Professional Services team. • Independently handle high-level technical and client escalations, coordinating between the delivery team, Technical Support, and Engineering. • Act as a primary technical stakeholder for the Professional Services Training Academy; contribute to the curriculum, oversee the technical accuracy of training modules, and ensure the program reflects current field requirements. • Serve as a technical mentor and "shadow-er" for P2-P4 consultants, providing the high-level guidance necessary for their progression through the Training Academy. • Participate in the technical vetting and onboarding of new consultants and Sub-K partners, ensuring they meet the high standards of Tenable’s architectural delivery. • Conduct rigorous QA reviews of client deliverables, using these as "teachable moments" to improve the collective skillset of the delivery team. • Collaborate with PS Portfolio and Domain Specialists to create new delivery methodologies, tools, and technical documentation. • Stay at the forefront of trends in Cloud Security (CSPM/CIEM), Active Directory, and OT/SCADA to ensure Tenable offerings remain market-leading. • Research and implement automation (Python/PowerShell) to enhance the maturity and efficiency of Exposure Management programs. Requirements: • 12+ years of experience in the Information Technology and Cybersecurity fields, with a proven track record in professional services and consulting. • Bachelor’s degree in a technical field (e.g., IT, Computer Science) or equivalent professional experience. • Certifications: CISSP, CISM, or CISA required. OSCP or equivalent technical certifications are highly preferred. • Expert-level proficiency in Exposure Management principles, including architectural design, attack path analysis, and risk prioritization across modern, hybrid-enterprise attack surfaces. • Experience defining and implementing exposure management programs, processes, and procedures. • Recent in-depth experience performing vulnerability scans, configuration audits, and security monitoring using core Tenable products or other industry-leading solutions. • Proficiency in identifying threats related to vulnerabilities and weaknesses in host or network configurations. • Deep experience in security architecture for hybrid-cloud infrastructure (AWS, Azure, GCP), including CSPM, CIEM, IaC, containerization, and associated risks. • Strong technical foundation in Linux/Unix and Windows administration, Microsoft Active Directory environments, virtualization, and system configuration. • Deep understanding of networking, wireless LAN protocols (WLAN), and common control systems such as firewalls, ACLs, and IDS/IPS. • Knowledge of scripting (Python/PowerShell) for API-driven automation to support security workflows. • Comprehensive understanding of Auditing and Configuration frameworks such as ISO 17799, CIS, PCI, GLBA, and HIPAA. • Broad knowledge of cybersecurity principles, including defense-in-depth, least-privilege, data protection, and common security controls. • Understanding of OWASP and common web application vulnerabilities, including security within CI/CD processes. • Familiarity with SCADA and OT systems is a plus for managing exposure in industrial environments. • Extensive knowledge of integrating security platforms with Patch Management, IPAM, ITSM, CMDB, and SIEM solutions to build a cohesive security ecosystem strategy. • Ability to advise and assist in developing effective security strategies through platform integration. • Elite written and verbal communication skills; must be comfortable leading 3+ hour technical workshops, executive presentations, and calls while ensuring all tasks and topics are addressed. • Proven consulting abilities with a focus on client management, requirements gathering, and delivering consultative advice to ensure successful outcomes. • Strong analytical and troubleshooting skills, with the ability to diagnose and resolve complex security issues. • Ability to work remotely in a self-directed manner. • Ability to sit and work at a computer for extended periods. • Physically able to participate in training sessions, presentations and meetings. • Client-facing travel may be required. • Some Tenable office travel may be required. • Applicants must be authorized to work for any employer in the U.S. We are unable to provide sponsorship for work visas of any kind at the time of hire, or at any point during employment. Benefits: • medical • dental • vision • disability • life insurance • 401(k) retirement savings with company match • employee stock purchase plan • employee referral program • flexible spending accounts • Employee Assistance Program (EAP) • education assistance • parental leave • paid time off (PTO) • company-paid holidays • health and wellness events • community programs Apply tot his job