Information Security Architect - Product Engineering: Platforms in Tampa, Florida, United States
Iron Mountain Information Security Architect - Product Engineering: Platforms Tampa, Florida
Job Summary:
At Iron Mountain, we protect what our customers value most: their information and assets. As an Information Security Architect, you will play a key role in ensuring the security, compliance, and resilience of our technology infrastructure. You will design and implement security solutions that safeguard sensitive data, systems, and operations against the rapidly evolving threat landscape. This position is vital for our ongoing commitment to maintaining best-in-class security for both our customers and our internal operations.
Key Responsibilities:
Architect Security Solutions : Design, implement, and maintain security architectures for network, cloud, and application environments to safeguard sensitive data and prevent unauthorized access.
Risk Management : Identify and evaluate security risks in both existing and future technology environments. Develop mitigation strategies to address potential vulnerabilities.
Compliance and Regulatory Alignment : Ensure that security controls meet regulatory and legal requirements, such as GDPR, HIPAA, PCI-DSS, and SOC 2 compliance. Lead efforts in developing and maintaining compliance documentation.
Security Policy Development : Collaborate with senior leadership and cross-functional teams to define, establish and enforce security policies, procedures, and best practices across the Digital Business Unit.
Incident Response : Develop and enhance incident response strategies, ensuring the organization is prepared to effectively respond to security breaches. Provide technical guidance in the event of a security incident.
Cloud Security : Provide security leadership in cloud services (AWS, Azure, GCP), ensuring the secure design of multi-cloud and hybrid environments.
Security Assessments : Conduct regular security reviews and assessments, including vulnerability scanning, penetration testing, and risk analysis. Proactively work with IT and development teams to remediate security issues.
Collaboration & Stakeholder Engagement : Work closely with IT, legal, compliance, and other departments to integrate security into all processes. Act as a security advisor on major IT projects, ensuring that security is a key consideration in business and IT decisions.
Emerging Threat Analysis : Stay current with the latest cybersecurity trends, threats, and technologies. Provide recommendations for improving security strategies based on emerging risks and evolving threat landscapes.
Qualifications:
Education :
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master’s degree preferred).
Experience:
7+ years of experience in Information Security, with a minimum of 3 years in an architecture or design role.
Extensive knowledge of information security standards (ISO 27001, NIST, CIS).
Proven experience with security frameworks and regulatory requirements, including PCI-DSS, GDPR, and HIPAA.
Experience designing security architectures for cloud environments (AWS, Azure, or GCP) and securing hybrid systems.
Certifications:
- CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or equivalent certifications preferred.
Technical Skills:
Strong expertise in security protocols, encryption, and identity management (IAM).
Hands-on experience with SIEM tools (e.g., Splunk, IBM QRadar) and threat detection technologies.
Proficiency in network security, firewalls, VPNs, IDS/IPS, DLP, and endpoint security solutions.
Deep understanding of cloud security controls and technologies.
Soft Skills:
Excellent verbal and written communication skills with the ability to articulate complex security concepts to non-technical stakeholders.
Strong problem-solving and analytical skills.
Ability to work collaboratively in a cross-functional environment.
This role may require occasional travel based on business needs.
Category: Information Technology
Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here .
Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.
Requisition: J0081177