Senior Director of Security Architecture

Job Overview

We are seeking an exceptional Sr. Director of Security Architecture and Security GRC with over 20 years of dedicated experience in Information Security, within Fintech or Technology Product companies. This role demands strategic thinking, strong leadership, and the ability to build and manage high-performing teams. The ideal candidate must possess expert-level knowledge, a proven track record of leadership with information security architecture, robust and resilient security solutions, extensive experience in developing complex Security Architecture programs, and a strong background in security risk assessments and security consulting services. The Sr. Director Security Architecture and Security GRC will report to the CISO. 

What You'll Do

• Responsible for the development and updating of a 5 year Security Architecture road-map tied to company policies, current and emerging security frameworks, legal and regulatory requirements 
• Responsible for the development of the foundational model for the Enterprise Security GRC program tied company policies, NIST RMF, legal and regulatory requirements and the broader Enterprise Risk Management short-, mid- and long-term strategy. 
• Develop and execute strategic security architecture and Security GRC initiatives aligned with business objectives and industry best practices 
• Lead the creation and evolution of enterprise-wide security architectures and frameworks 
• Provide expert guidance on security design principles, frameworks, and technologies 
• Collaborate with executive leadership to define and execute long-term security roadmaps
• Build, mentor, and lead high-performing teams of security architects and professionals 
• Drive innovation and continuous improvement in security practices 
• Evaluate emerging security threats and technologies, recommending proactive measures 
• Oversee the integration of security controls across cloud, on-premises, and hybrid environments 
• Develop and maintain security standards, policies, and procedures 
• Act as a key advisor to technology and business teams on security matters
• Lead comprehensive and continuous security risk assessments to drive risk reduction enterprise wide
• Develop and deliver high-value security consulting services 
• Manage relationships with key stakeholders across the organization 
• Effectively communicate complex security concepts to diverse audiences 
• Continuously adapt security practices based on emerging threats and technologies 

What We're Looking For

• 20+ years of progressive experience within Information Security, with a focus on security architecture  
• Proven experience in developing and managing complex Security Architecture programs  
• Expert-level knowledge of security principles, frameworks, and technologies  
• Extensive experience in architecting security solutions for Fintech or Technology Product companies  
• Demonstrated ability to build and mature security architecture practices  
• Strong track record of leading large-scale security initiatives and driving organizational change  
• Deep understanding of cloud security architectures and modern application security practices  
• Proven expertise in conducting security risk assessments and delivering consulting services  
• Strong knowledge of relevant regulatory requirements (e.g., PCI DSS, GDPR, SOC 2)  
• Experience with DevSecOps practices and securing CI/CD pipelines  
• Exceptional communication and interpersonal skills  
• Strategic thinking capability with the ability to translate vision into actionable plans  
• Strong leadership and people management skills, with a proven ability to build and lead high-performing teams  
• Demonstrated ability to influence and drive collaboration across diverse teams and organizational levels  
• Results-oriented approach with a track record of delivering exceptional security solutions  
• Commitment to staying current with emerging security threats and technologies  
• Advanced degree in Computer Science, Information Security, or related field 
• Relevant industry certifications (e.g., CISSP, CISM, CGEIT, CRISC) 

Desirable Skills & Experience

• Experience with emerging financial technologies  
• Background in securing microservices architecture  
• Familiarity with AI/ML security implications in financial services  
• Track record of contributions to the Information Security community as a thought leader and industry change agent  
• Experience in developing and implementing Zero Trust architectures  
• Proven ability to develop and deliver security training programs  
• Experience in building and leading cross-functional teams
• Contributions to the Information security industry as a thought leader through public speaking as a subject matter expert and/or industry frameworks like NIST, ISO, PCI or OWASP, written whitepapers on a particular security subject, etc.  

The successful candidate will have broad general information security knowledge/expertise, proven leadership skills, and the ability to work effectively across functional boundaries. They will be responsible for enhancing the security team's accomplishments and competencies by planning the delivery of solutions and answering technical questions. 

About AvidXchange

AvidXchange is a leading provider of accounts payable (“AP”) automation software and payment solutions for middle-market businesses and their suppliers. By trade, we are a technology company, but if you ask anyone who works here, they’ll tell you our people are at the core of who we are. We focus on creating a culture of Diversity, Inclusion & Belonging, and are proud to be a safe place where teammates can bring their whole selves to work. At AvidXchange, mindset is everything. We are Connected as People, Growth Minded, and Customer Obsessed. These three mindsets represent our culture – who we are, who we’ve always been, and they guide us to improve every day. Since our founding in 2000 in Charlotte, NC, we’ve created a company of over 1,600 teammates working in one of our 5 offices across the U.S., or remotely. AvidXchange is proud to be Certified™ as a Great Place to Work®. The prestigious recognition is based on anonymous data from our teammates and makes official what our teammates have known for years – that AvidXchange is a Great Place to Work®. 

Who you are: 

• A go-getter with an entrepreneurial mindset – that means you are not afraid of taking risks, winning big or facing the unknown. 
• Someone who understands that business is people centric. Connecting with others as humans first allows you to develop mutually beneficial working relationships. 
• Focused on making a difference for our customers. AvidXchange exists to help solve complex problems for our customers so we can all realize our potential. 

What you’ll get:  

AvidXchange teammates (we call them AvidXers) get the perks and prestige of a publicly traded tech company paired with the flexibility of a founder-led startup. We help our AvidXers develop as professionals and as human beings, providing work/life balance, development programs, competitive benefits and equity options. At AvidXchange, we are building more than a tech company – we are building an experience. We remain committed to a culture where you can fully be 'you’ – connected with others, chasing big goals, and making a meaningful impact. If you want to help us grow while realizing your potential and creating stories you’ll tell for years, you’ve come to the right place.

AvidXers enjoy:  

• 18 days PTO* 
• 11 Holidays (8 company recognized & 3 floating holidays) 
• 16 hours per year of paid Volunteer Time Off (VTO) 
• Competitive Healthcare 
• High Deductible Heath Plan Option that has $0 monthly premium for teammate-only coverage 
• 100% AvidXchange paid Dental Base Plan Coverage
• 100% AvidXchange paid Life Insurance 
• 100% AvidXchange paid Long-Term Disability 
• 100% AvidXchange paid Short-Term Disability  
• Employee Assistance Program (EAP) - Provides counseling services, legal and financial consultations and health advocacy for Teammates and their eligible dependents
• Onsite Health Clinic with Atrium Health** - available to Teammates and their eligible dependents
• 401k Match up to 4% 
• Parental Leave: 8 weeks 100% paid by AvidXchange*** 
• Discounts on Pet, Home, and Auto insurance 
• BrightDime Financial Wellness Tool, offered free to teammates 
• WeeCare Childcare Service: helps teammates find affordable daycare, childcare, and tutors 40% less expensive than traditional daycare centers 
• Perks at Work: free discount program that provides teammates the opportunity to save on items from electronics, movie tickets, car buying, vacations, and more 
• Onsite gym fitness center, yoga studio, and basketball court****
• Tuition Reimbursement up to the federal maximum of $5,250*****
• Hybrid Workplace Flexibility
• Free parking

*Fully granted from beginning of year, pro-rated if hired mid-year 

**Charlotte location only  

***Must be full-time for at least 3 months
****Charlotte location only
*****Must be full-time for at least one year 

Equal Employment Opportunity

AvidXchange is an equal opportunity employer. AvidXchange is committed to equal employment opportunity in accordance with applicable federal, state, and local laws. AvidXchange will not discriminate against applicants for employment on any legally recognized basis. This includes, but is not limited to veteran status, race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age and physical or mental disability.