Director - Security Architecture, Operations, and Engineering

Archer is an aerospace company based in San Jose, California building an all-electric vertical takeoff and landing aircraft with a mission to advance the benefits of sustainable air mobility. We are designing, manufacturing, and operating an all-electric aircraft that can carry four passengers while producing minimal noise.

Our sights are set high and our problems are hard, and we believe that diversity in the workplace is what makes us smarter, drives better insights, and will ultimately lift us all to success. We are dedicated to cultivating an equitable and inclusive environment that embraces our differences, and supports and celebrates all of our team members.

Director- Security Architecture, Operations, and Engineering

Job Overview

We are seeking a Director of Security Architecture and Engineering to design and implement Archer's enterprise security infrastructure and technical vision. You are a strategic, hands-on technologist and an excellent communicator who can see the big picture. Reporting directly to the CISO, you will oversee the design and deployment of security architecture across identity, cloud, application, and infrastructure domains, while ensuring strict compliance with NIST SP 800-171, CMMC Level 2, SOX, and ITAR requirements. This role combines engineering excellence with security strategy, requiring deep technical expertise in modern security tools, architecture patterns, and the ability to translate business risks into technical requirements that all teams follow. You will collaborate with cloud, application, identity, and infrastructure teams to develop a unified, defense-in-depth security architecture that helps Archer maintain federal contractor eligibility, achieve operational agility, and scale confidently.

Key Responsibilities

• Design and implement a unified Zero Trust Architecture (ZTA) that spans identity, network, cloud, application, and infrastructure domains, establishing architecture standards and guiding principles for all security domains across Archer.
• Lead the architecture and technical design of cloud security infrastructure (AWS, Azure, and GCP), including secure landing zones, network segmentation, encryption strategies, and shared security services (logging, threat detection, key management).
• Establish security control architecture aligned to NIST SP 800-171 and CMMC Level 2 frameworks, translating control requirements into technical solutions and engineering roadmaps across the enterprise.
• Design and oversee the implementation of identity and access management architecture (Okta, privileged access management, identity governance), ensuring scalability, auditability, and alignment to zero trust principles.
• Create and maintain security architecture blueprints and technical reference architectures (cloud, microservices, DevSecOps) that enable consistent, secure design across all engineering teams.
• Establish DevSecOps architecture and practices, including CI/CD security gates, infrastructure-as-code scanning, supply chain security, and automated compliance evidence collection integrated into the development pipeline.
• Lead security architecture reviews for major infrastructure, cloud, and application projects, ensuring security requirements are integrated early, and tradeoffs between security and business needs are documented.
• Drive the design and implementation of enterprise security tooling strategy (SIEM, CSPM, endpoint detection, threat intelligence), ensuring tools integrate seamlessly and reduce operational friction.
• Establish threat modeling and attack surface management practices across engineering teams, prioritizing investments based on residual risk and business impact.
• Mentor and lead security engineers and architects, establishing technical standards, conducting design reviews, and building a strong security engineering culture.
• Stay current with emerging threats, architectural patterns, and security technologies, representing Archer at industry forums and translating external security research into internal architectural improvements.
• Communicate security architecture and risk posture clearly to executive leadership, boards, and external auditors, translating technical complexity into business language.

Required Qualifications

• Bachelor’s degree in computer science, Information Security, Engineering, or related field (or equivalent work experience).
• 10 plus years of experience in Security Engineering, Cloud Architecture, Infrastructure Design, or related roles, with a minimum of 3 years in a lead or principal architect role designing enterprise-scale security architectures.
• Expert-level understanding of Zero Trust Architecture (ZTA) principles and hands-on experience designing and implementing ZTA across multiple domains (identity, network, cloud, application).
• Deep technical expertise in cloud security architecture (AWS and Azure), including networking, identity services, compute security, data protection, and logging.
• Hands-on architecture experience with identity and access management platforms (Okta, Azure AD) and privileged access management solutions.
• Expert-level understanding of NIST SP 800-171 and CMMC Level 2 frameworks, with the ability to design control architecture and technical solutions that satisfy compliance requirements.
• Strong knowledge of SOX ITGC requirements, ISO 27001 architecture, and ability to design controls that balance security and operational needs.
• Architecture and design experience with infrastructure-as-code, containerization, Kubernetes, and DevSecOps practices.
• Proficiency in threat modeling methodologies and ability to assess residual risk in complex systems.
• Strong communication skills to present security architecture to technical teams, executive leadership, and boards, translating technical concepts into business language.
• You’re a utility player with demonstrated ability to lead and mentor teams, define standards, and drive cross-functional initiatives.

Preferred Qualifications

• Experience in Aerospace, Defense, or Federal Contractor industries, including familiarity with CMMC, FedRAMP, and DoD contract requirements.
• Hands-on experience with security architecture in highly regulated environments (financial services, healthcare, defense).
• Deep expertise in advanced threat detection, incident response architecture, and SIEM/SOAR design.
• Architecture experience with API security, microservices security, and supply chain security (software composition, SBOM, secure supply chain practices).
• Professional certifications such as CISSP, CCSK, or cloud architecture certifications (AWS Solutions Architect Professional, Azure Solutions Architect Expert), combined with a security focus.
• Published research, speaking experience, or thought leadership in security architecture.
• Advanced degree in Cybersecurity, Computer Science, or Engineering.
• Experience designing and implementing enterprise security automation and orchestration platforms.
• Background in building and scaling security engineering teams.

Please note that this job description is intended to provide a general overview of the position and does not include an exhaustive list of responsibilities and qualifications

At Archer we aim to attract, retain, and motivate talent that possess the skills and leadership necessary to grow our business. We drive a pay-for-performance culture and reward performance that supports the Company’s business strategy. For this position we are targeting a base pay between $219,000.00 - $290,00.00. Actual compensation offered will be determined by factors such as job-related knowledge, skills, and experience.

Archer is proud to be an Equal Opportunity employer committed to diversity and inclusivity in the workplace. All aspects of employment are decided on the basis of merit, qualifications, and business needs. We do not discriminate based upon race, color, religion, sex, sexual orientation, age, national origin, disability status, protected veteran status, gender identity or any other characteristic protected by federal, state or local laws.

Archer is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities, and those with sincerely held religious beliefs. Applicants who may require reasonable accommodation for any part of the application or hiring process should provide their name and contact information to Archer’s People Team at people@archer.com. Reasonable accommodations will be determined on a case-by-case basis.

Information collected and processed as part of any job applications you choose to submit is subject to Archer's Candidate Privacy Policy.

Archer is unable to provide work visa sponsorship for this position at the present time.

Archer is proud to be an Equal Opportunity employer committed to diversity and inclusivity in the workplace. All aspects of employment are decided on the basis of merit, qualifications, and business needs. We do not discriminate based upon race, color, religion, sex, sexual orientation, age, national origin, disability status, protected veteran status, gender identity or any other characteristic protected by federal, state or local laws.

Archer Aviation does not engage with external recruiting agencies/individual recruiters with whom it does not have a prior written agreement. Archer reserves the right to make use of any unsolicited resumes that it receives and bears no responsibility for payment of any fees asserted from the use of unsolicited resumes. If you are a recruiting agency or individual recruiter wishing to do business with Archer, please reach out to People@archer.com. All employment processes are managed by the Archer People Team.