Sr. Architect Security - AI. in Cincinnati, Ohio at CBTS

CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. CBTS combines deep technical expertise with a full suite of flexible technology solutions--including Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, CBTS delivers comprehensive technology solutions for its clients' transformative business initiatives. For more information, please visit www.cbts.com.

Job Purpose

The mission of the CBTS Corporate Security Team is to protect our organization’s people, assets, and information, while supporting continued innovation and the delivery of advanced technology products and services to our customers.

This role will be responsible for designing, implementing, and operating the security controls that protect CBTS's AI systems and software delivery pipelines. This role sits at the intersection of security engineering and modern development practices, partnering with DevOps and engineering teams to embed security into the tools, pipelines, and platforms developers use every day. The engineer will build guardrails around AI systems (models, agents, data flows, and developer-facing AI tooling), advance secure-by-default CI/CD practices, and enable engineering teams to deliver internal and customer-facing work safely and at speed.

Success in this role requires equal parts technical depth and fluency with modern development workflows, with a focus on making security a practical enabler of how engineering teams already work rather than an obstacle to it.

Experience

• 10+ years of combined experience in roles such as DevOps Engineer, DevSecOps Engineer, Platform Engineer, Security Engineer, or Security Architect.

Education

• Four years of college resulting in a bachelor’s degree or equivalent

Certifications, Accreditations, Licenses

One or more of the following (or similar) certifications:

• ISC2 CISSP or CCSP
• GIAC GCSA (Cloud Security Automation) or Practical DevSecOps CDP/CDE
• AWS Certified Security – Specialty
• AWS Certified DevOps Engineer – Professional
• Microsoft SC-100 (Cybersecurity Architect Expert)
• Microsoft AZ-500 (Azure Security Engineer)
• Microsoft AZ-400 (DevOps Engineer Expert)

Special Knowledge, Skills, and Abilities

• Knowledge of AI/ML security concepts and frameworks (NIST AI RMF, OWASP Top 10 for LLMs, MITRE ATLAS)
• Familiarity with secure SDLC frameworks (NIST SSDF) and OWASP standards
• Understanding of how generative AI tools integrate into developer workflows (Copilot, Claude, MCP, agent frameworks) and the associated security considerations
• Working knowledge of CI/CD platforms and pipeline security
• Familiarity with infrastructure-as-code and its security implications
• Understanding of container security and Kubernetes concepts
• Knowledge of software supply chain security (SBOMs, dependency scanning, artifact signing)
• Familiarity with application security testing methodologies (SAST, DAST, SCA)
• Understanding of secrets management and cloud workload identity patterns
• Proficiency with Python, PowerShell, or similar scripting for security automation
• Comfort working in Git-based version control workflows as both contributor and reviewer
• Ability to translate security requirements into engineering language and partner with development teams as a peer
• Strong troubleshooting and analytical skills with clear verbal and written communication

Supervisory Responsibilities

• No Supervisory Responsibility

Location Requirement: Candidates must currently reside within approximately 1–1.5 hours commuting distance of the local CBTS office or market they support. While this position offers hybrid flexibility, candidates are expected to be local to Ohio, Kentucky, or Indiana.

Salary Range :$110,000-140,000/per annum,

The compensation range in this posting reflects the Company’s good‑faith estimate at the time of publication. The applicable base pay range for any individual will be determined based on the candidate’s designated primary work location as well as factors including role scope and responsibilities, required qualifications, and the individual’s experience, education, skills, knowledge, and performance. Certain positions may also be eligible for additional compensation such as discretionary merit increases, bonuses, or sales‑based variable compensation in accordance with applicable plans and role requirements.

#LI-PK1 #LI-Hybrid #LI-CBTS

Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.