Architect, Enterprise Security



Architect - Enterprise Security  Cincinnati, OH


We are a full stack data science company and a wholly owned subsidiary of The Kroger Company.  We own 10 Petabytes of data, and collect 35+ Terabytes of new data each week sourced from 62 Million households.  As a member of our engineering team you will use various cutting edge technologies to develop applications that turn our data into actionable insights used to personalize the customer experience for shoppers at Kroger. We use agile development methodology, starting with Big Room Planning bringing everyone into the planning process to build scalable enterprise applications.


The Security Team partners with the business to enable innovation while ensuring appropriate security policies and practices are in place and sustained.   We also help the Company assess risk and recommend new governance, policies or practices as appropriate.

The enterprise security architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.


As Security Architect you will:

  • Develop and maintain a security architecture and roadmap that enables the enterprise to develop and implement secure solutions that are aligned with business, technology and threat drivers
  • Develop a data protection standard and architecture that protects data from confidentiality or privacy violations and assesses risk on an ongoing basis.
  • Develop and maintain security architecture documentation (e.g., models, templates, standards and procedures) that may be leveraged by projects and operations to build security in from the beginning
  • Track development of threats to ensure they are adequately addressed in security architecture
  • Participate in data, application and infrastructure projects to provide security-planning advice
  • Coordinate 3rd party penetration tests for new services or applications
  • Advocate with DevOps teams to establish secure coding practices
  • Validate existing data solutions and IT infrastructure and other architectures for security best practices - recommend changes as needed to enhance security and reduce risks
  • Review network segmentation to ensure least privilege for network access
  • Review security technologies, tools and services, and make recommendations addressing security, financial and operational concerns
  • Liaise with other security architects and security practitioners to share best practices and insights



Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field as well as a minimum of 10+ years progressive experience.  Additional requirements include:

  • Hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
  • Experience reviewing application code for security vulnerabilities
  • Direct, hands-on experience or a strong working knowledge of vulnerability management tools
  • Full-stack knowledge of IT infrastructure:
    • Applications
    • Databases
    • Operating systems — Windows, Unix and Linux
    • Hypervisors
    • IP networks — WAN and LAN
    • Storage networks — Fibre Channel, iSCSI and NAS
    • Backup networks and media
  • Experience designing or managing Identity and Access Management technologies such as:
    • Active Directory
    • Lightweight Directory Access Protocol (LDAP)
  • Strong working knowledge of IT service management (e.g., ITIL-related disciplines as well as Agile development methodology
  • Experience designing the deployment of applications and infrastructure into public cloud services.





Back to top