Security Solution Architect

Job Description

The Opportunity

The Security Platform Engineering (SPE) organization seeks an experienced and detail-oriented Security Solution Architect who can assist with designing and developing security controls to support the Enterprise Cyber Security organization. This role serves as help design, implement, and enhance security capabilities across a modern enterprise technology environment. This mid‑level role is ideal for someone with a strong security foundation who can operate as a generalist across cloud, application, data, and platform security—while also bringing practical exposure to securing AI/ML workloads in an enterprise context. In this role, you'll collaborate with engineering teams, product partners, and enterprise architecture groups to ensure security controls are effectively embedded into new and existing solutions. You will assess designs, identify risks, recommend mitigations, and help guide secure implementation patterns that scale across the organization.

The Team

This role is a part of the Security Solution Architect Team, which is a strategic arm of our Security Platform Engineering organization, and is crucial for maintaining strong security, compliance to security controls, and assisting with operatonal efficiency. This group is responsible for building and maintaining the core security controls for MassMutual, as well as designing and deploying strategic solutions that will enable controls to be embedded into strategic business processes.

The Impact

As a Security Solution Architect, you will be responsible for supporting enterprise security project delivery work, partnering with enterprise architects to design and deploy secure solutions, assisting SPE delivery and operational support teams as needed for troubleshooting. You will partner with vendors to solve strategic challenges that align with enterprise roadmaps and will have an opportunity to utilize your experience and expertise to improve existing processes, patterns, and infrastructure.

*** This position can be located in our Springfield, MA, Boston, MA, or NYC office.

The Minimum Qualifications

• 5+ years of experience designing, implementing, deploying, and maintaining security solutions across multiple security domains
• 5+ years of experience with IT foundations such as networking, identity, endpoint, OS, cloud, data, and others
• 5+ years of experience working with complex enterprise solutions
• 5+ years of experience working with project delivery teams
• 5+ years of experience with documentation and demonstrated ability in operational hand off
• 5+ years of experience working on Security and Operation Incident objectives
• 5+ years of experience in audit remediation and mitigations
• 5+ years of experience supporting complex environments
• 5+ years of experience with Identity Lifecycle Management, Access Reviews, Intelligence (Analytics), Roles and Rules management, and Segregation of Duties
• Authorized to work in the United States without sponsorship now or in the future

Responsibilities

• Design and architect security solutions that align with business requirements, compliance standards, and industry best practices
• Partner with engineering teams, product stakeholders, and enterprise architects to embed security requirements into solution designs and project delivery workflows
• Evaluate existing security systems and recommend improvements to enhance protection and efficiency
• Support security project delivery by contributing domain expertise, providing architectural guidance, and assisting with implementation activities
• Work with vendors and external partners to evaluate and deliver strategic security capabilities that align with enterprise roadmaps
• Develop integration patterns, automation approaches, and reusable architectural assets to improve engineering efficiency
• Provide consultation across lines of business to ensure secure solution design, secure deployment practices, and adherence to security best practices
• Assist in securing AI/ML workloads, model endpoints, training data, and governance guardrails within enterprise AI platforms
• Communicate complex technical concepts to nontechnical stakeholders through clear documentation, presentations, and discussions
• Stay current on evolving cyber threats, technologies, and regulatory requirements
• Ability to collaborate across lines of business to consult and guide projects as needed to follow best practices around identity and access management
• Understanding of web security concepts and security in-depth
• Ability to collaborate across lines of business to consult and guide projects as needed
• Ability to grasp large scale, enterprise class deployments
• Software system integration
• Troubleshooting and triage of complex production issues, with technical support to operations and supporting teams
• Understanding of the Atlassian productivity suite (JIRA, Confluence, Bitbucket, etc)
• Excellent Organizational Skills
• Excellent written and verbal communication skills. Will be communicating technical information to non-technical end users

The Ideal Qualifications

• Bachelor of Science in Computer Science or Information Management
• 7-10 years of experience in a complex web infrastructure environment
• Experience maintaining various web proxies using Security Access Manager
• Ability to look at the big picture and recommend designs based on industry best practice
• Hands‑on experience with core security domains (identity, data protection, cloud security, application security)
• Emerging experience in AI security—such as securing model endpoints, protecting training data, or working with governance guardrails for enterprise AI platforms
• You should be comfortable partnering with technical peers, interpreting security requirements, and translating them into actionable solution designs
• Ability to think critically under pressure and deliver on time
• Ability to work independently with minimal supervision

#LI-SC1