Security Architect
IT
California, USA
Location: Remote / Hybrid
Experience Required: 8+ year relevant experience
About ORO Labs
ORO Labs is an agentic procurement orchestration company on a mission to humanize the procurement experience. Founded in 2020 by former SAP Ariba product leaders, ORO delivers effortless user experiences so businesses can shorten cycle times, decrease risk through end-to-end process visibility, and remain agile in response to change with a no-code platform purpose-built for procurement. Trusted by users in over 70 countries, and supported by an extensive network of implementation and technology partners, ORO helps Fortune 500 and fast-growing global companies automate processes, improve cross-team collaboration, and scale procurement operations. The ORO platform is trusted by the world’s largest brands, including The Coca-Cola Company, Novartis, Danone, Roche, BASF, Liberty Global, Bayer, Millennium, and Booking.com.
Job Summary
We are seeking a highly experienced Security Architect to lead the design, implementation, and governance of secure software development and CI/CD infrastructure across cloud and on-premises environments. This role will be responsible for establishing enterprise-wide software supply chain security standards, hardening development and deployment platforms, and implementing controls that ensure the integrity, provenance, and security of software artifacts throughout the development lifecycle. The ideal candidate combines deep expertise in DevSecOps, cloud infrastructure, software supply chain security, and secure engineering practices with the ability to influence architecture standards across engineering organizations.
What You’ll Do
Design and implement secure software development and CI/CD infrastructure supporting cloud and on-premises procurement platforms and enterprise applications.
Secure and harden development ecosystems, including source code repositories, build systems, package registries, artifact repositories, deployment pipelines, and cloud-native platforms.
Define and enforce enterprise security standards for:
- Source control and repository security
- Branch protection and code governance
- CI/CD pipeline security
- Secret and credential management
- Artifact integrity and verification
- Dependency governance and package management
- Container and image security
Implement software supply chain security controls to protect procurement and third-party integration environments, including:
- Software Bill of Materials (SBOM)
- Artifact signing and verification
- Binary provenance and attestation
- Dependency and package validation
- Third-party library and vendor risk management
- Open-source governance and policy enforcement
Establish processes and monitoring capabilities to identify, respond to, and remediate dependency compromise events, malicious packages, and software supply chain threats.
Partner with Engineering, Infrastructure, Product Security, and Procurement Technology teams to integrate DevSecOps and secure development practices into enterprise procurement platforms and services.
Conduct security architecture reviews and risk assessments for internally developed applications, vendor integrations, APIs, and deployment workflows.
Drive automation, governance, and continuous improvement initiatives to strengthen software integrity, platform resilience, and compliance across procurement technology environments.
Provide technical leadership and guidance on secure software architecture, cloud security, and software supply chain best practices across the organization.
What We’re Looking For
Key Qualifications
Required
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent practical experience).
- 8+ years of experience in cybersecurity, DevSecOps, platform engineering, or security architecture.
- Deep expertise in CI/CD platforms, secure software development, and cloud-native infrastructure.
- Strong experience securing:
- GitHub, GitLab, Bitbucket, or equivalent source control platforms
- Jenkins, GitHub Actions, GitLab CI/CD, Azure DevOps, or similar pipeline technologies
- Artifact repositories such as Artifactory, Nexus, or Harbor
- Container platforms and Kubernetes ecosystems
- Hands-on experience implementing:
- SBOM frameworks and tooling
- Artifact signing technologies (e.g., Sigstore, Cosign, Notary)
- Supply chain security frameworks (SLSA, NIST SSDF)
- Secret management platforms (e.g., Vault, cloud-native secret services)
- Strong understanding of:
- Secure build systems
- Dependency management and package ecosystems
- Open-source security risks
- Binary provenance and attestation models
- Infrastructure-as-Code (IaC) security
Preferred
- Experience with cloud platforms such as AWS, Azure, or Google Cloud.
- Knowledge of compliance and regulatory frameworks relevant to software security.
- Experience with vulnerability management, threat modeling, and security automation.
- Security certifications such as CISSP, CSSLP, CCSP, GIAC, or Kubernetes security certifications.
Why Work with Us?
- Join a cutting-edge SaaS company shaping the future of AI-driven enterprise procurement.
- Be the key architect of ORO Labs’ growing IP portfolio.
- Work with global innovators and thought leaders.
- Enjoy a flexible, growth-oriented, and innovation-driven work culture.
- Play a pivotal role in securing the intellectual foundation of ORO Labs’ long-term success