Security & IAM Architect

Hpc Security Solutions Architect

NorthMark Compute & Cloud (NMC²) is backed by dedicated leadership and investment, with a clear mission as it operates at the bleeding edge of technology. Its goal is to scale and enhance the high-performance computing (HPC) and cloud infrastructure that supports its clients' research, production, and delivery, enabling breakthroughs that shape the industries of tomorrow. Its engineers build critical infrastructure to eliminate friction in scientific research, simulations, analysis, and decision-making, accelerating discovery and driving faster innovation.

As an HPC Security Solutions Architect, you will design and integrate end-to-end security architectures that safeguard HPC, AI/ML, and large-scale data-intensive workloads. You will act as a trusted advisor to customers, guiding them across the entire security lifecycle — from requirements discovery and architecture design, through proof-of-concept and deployment, to operational hardening, identity management, and ongoing optimization.

This role blends infrastructure security, identity and access management (IAM), and DevSecOps practices. You will ensure that HPC environments are secure by design — covering compute, storage, networking, Kubernetes, and orchestration layers — while also embedding controls into CI/CD pipelines and enabling compliance at scale. You will work directly with customers, but also collaborate closely with product, engineering, and security teams, turning real-world insights into reference architectures, reusable security patterns, and platform roadmap enhancements.

Responsibilities:

• Act as the primary security and IAM subject matter expert (SME) for customers adopting HPC platforms.
• Partner with customers to define security, identity, and compliance requirements, aligning them with workload performance and scale needs.
• Design and document comprehensive security architectures, including identity federation, SSO, RBAC, multi-tenancy controls, and policy enforcement.
• Implement Zero Trust principles by advising on strong authentication, encryption, workload isolation, and network segmentation.
• Embed and optimize AppSec tooling (SAST, SCA, DAST) into CI/CD pipelines to detect risks early and accelerate secure adoption.
• Help customers establish and manage IAM frameworks, including directory integration, identity lifecycle management, privileged access management, and secrets management.
• Lead proof-of-concept security engagements, validating policy enforcement, workload isolation, and compliance adherence in HPC workloads.
• Provide technical guidance on container and Kubernetes security, including admission controllers, runtime security, and OPA/Gatekeeper policies.
• Build automation for secure infrastructure provisioning using Terraform, Ansible, or Python/Go-based tooling.
• Develop and maintain reference architectures, blueprints, and playbooks for HPC security and IAM best practices.
• Conduct security and identity reviews of customer environments, recommending enhancements for resilience, compliance, and cost-effectiveness.
• Collaborate with engineering and product teams to integrate customer-driven security requirements into platform features and roadmaps.
• Stay current with HPC security, IAM, and compliance trends (e.g., NIST, ISO 27001, SOC 2) and advise customers on long-term adoption strategies.
• Represent the organization at customer workshops, security assessments, and industry forums.

Required Skills:

• Proven experience as a Security Solutions Architect, IAM Architect, or Security Engineer in HPC, cloud, or large-scale distributed systems.

• Strong expertise in:
• Identity and Access Management (IAM): SSO, RBAC, MFA, directory integration, federation (SAML, OIDC).
• Infrastructure and workload security: Zero Trust, encryption, workload isolation, segmentation.
• Kubernetes and container security: RBAC, admission controllers, runtime scanning, OPA/Gatekeeper.
• Application security tooling: SAST, SCA, DAST, SBOMs, CI/CD security integration.
• Proficiency in automation and scripting (Terraform, Ansible, Python, Go) for secure-by-default deployments.
• Familiarity with compliance frameworks (NIST, SOC 2, ISO 27001, CIS Benchmarks).
• Strong ability to translate customer security requirements into actionable architectures.
• Excellent customer-facing communication skills, able to engage technical and executive audiences alike.

Preferred Experience:

• Experience designing and delivering secure multi-tenant HPC environments.
• Hands-on experience with privileged access management (PAM) tools, secrets management, and identity lifecycle automation.
• Familiarity with observability tools (Prometheus, Grafana, OpenTelemetry) for monitoring security posture.
• Contributions to security or IAM-related open-source projects.
• Relevant Security and cloud certifications certifications such as CISSP, CISM, CKS, CCSP, or AWS Security Specialty.
• Bachelor's or Master's degree in Computer Science, Cybersecurity, Engineering, or a related technical field.

It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.

Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Benefits & Perks:

• Company-Paid Lunch Stipend: Lunch is provided via GrubHub
• Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
• 401(k): Company will match 100% of your contributions up to 6%
• Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
• Time Off: 25 days of Paid Time Off plus 12 company holidays

EQUAL OPPORTUNITY EMPLOYER

NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.