Director, Security Architecture & Engineering

Job Description

About Boomi and What Makes Us Special

Are you ready to work at a fast-growing company where you can make a difference? Boomi aims to make the world a better place by connecting everyone to everything, anywhere. Our award-winning, intelligent integration and automation platform helps organizations power the future of business. At Boomi, you’ll work with world-class people and industry-leading technology. We hire trailblazers with an entrepreneurial spirit who can solve challenging problems, make a real impact, and want to be part of building something big. If this sounds like a good fit for you, check out boomi.com or visit our Boomi Careers page to learn more.

How You'll Make An Impact

You will be a key leader in Boomi's cybersecurity team, responsible for the strategic direction, design, and oversight of all security architecture and engineering efforts. You will manage the Cyber Security Engineering job family, setting architectural standards, driving major security technology deployments, and ensuring the technical roadmap aligns with global business objectives and risk posture. You will manage and mentor the security engineering team, fostering a culture of secure design and continuous improvement.

What You’ll Do

• Strategy & Roadmap (Plan): Define the enterprise-wide security strategy and roadmap. Identify gaps in our defenses and plan the long-term investment in tools and standards to close them.
• Strategic Architecture (Design): Act as the primary design authority. Create security patterns, blueprints, and "Golden Paths" for Cloud (AWS/Azure/GCP) and Application Security that make the secure choice the easy choice for developers.
• Threat Modeling & Offensive Design: Embed an "Attacker’s Mindset" into the design phase. Lead Threat Modeling sessions (e.g., STRIDE, PASTA) for critical architecture changes to anticipate adversarial moves before code is even written.
• Collaborative Engineering (Build): Work side-by-side with Engineering teams to identify and configure the right security tools (SAST/DAST/WAF). Focus on delivering solutions that integrate naturally into the developer ecosystem, making security an enabler of quality rather than just a compliance step.
• Operational Partnership (Run & Maintain): Collaborate closely with the Director of Operations to ensure a seamless handoff of technologies into the "Run" phase. Define operational playbooks, maintenance schedules, and health metrics to ensure that the security systems you build are sustainable, monitorable, and easily maintained by the Operations team.
• Corporate & Enterprise Security: Extend security architecture beyond the product to the corporate environment. Design and implement Zero Trust controls for internal infrastructure, including Identity & Access Management (IAM), endpoint security, and internal SaaS applications.
• Strategic Consolidation & Efficiency: Conduct a comprehensive audit of the current security toolchain to identify redundancy. Drive a strategy of consolidation, retiring legacy point-solutions in favor of integrated platforms that reduce complexity and cost.
• AI & Next-Gen Automation: Lead the architecture for securing internal AI/ML initiatives and champion an "Automate First" mentality. Replace manual security reviews with self-healing automation and API-driven workflows.
• Cross-Functional Partnership: Partner with R&D’s embedded DevSecOps teams to operationalize security standards into CI/CD pipelines, and collaborate with the Trust & Assurance team to rapidly engineer fixes for findings identified during Penetration Tests and Red Team exercises.
• Team Leadership: Manage and mentor a high-performing team of Security Architects and Engineers, fostering a culture of technical depth and innovation.

The Experience You Bring

• Minimum 10+ years of experience in Information Security, with 5+ years in a senior architecture or leadership role.
• Expert-level knowledge of security domains, architecture principles, and integration of security across enterprise and cloud environments (AWS, Azure, GCP).
• Proven experience in managing, budgeting, and scaling a high-performing technical team.
• Strong understanding of security frameworks (e.g., NIST CSF, ISO 27001) and security best practices for SaaS/Cloud platforms.
• Ability to define and articulate security strategy to executive leadership and technical teams.

Bonus Points If You Have

• Master's Degree in Computer Science, Information Security, or a related discipline.
• CISSP, CISM, or relevant architectural certifications.
• Experience in the financial planning and management of large-scale cybersecurity project.
• Background in large, high-growth SaaS or iPaaS environments.

Aren’t sure if you’re a match? We know that impostor syndrome and the confidence gap can prevent us from meeting spectacular candidates — so don’t hesitate to apply; you could be the perfect fit!

Location

Remote US

Compensation and Benefits

Boomi is committed to fair and equitable compensation practices. Base compensation for this position in our corporate headquarters in Conshohocken, PA begins at $176,242. This position is remote-friendly and, as such, final compensation will be determined by various factors including the candidate’s knowledge, skills, experience, and geographic location. An overview of our benefits can be found here.

#LI-ES1

Be Bold. Be You. Be Boomi. We take pride in our culture and core values and are committed to being a place where everyone can be their true, authentic self. Our team members are our most valuable resources, and we look for and encourage diversity in backgrounds, thoughts, life experiences, knowledge, and capabilities.

All employment decisions are based on business needs, job requirements, and individual qualifications.

Boomi strives to create an inclusive and accessible environment for candidates and employees. If you need accommodation during the application or interview process, please submit a request to talent@boomi.com. This inbox is strictly for accommodations, please do not send resumes or general inquiries.