Job Specifications
Shift is the leading AI platform for insurance. Shift combines generative, agentic, and predictive AI to transform underwriting, claims, and fraud and risk - driving operational efficiency, exceptional customer experiences and measurable business impact. Trusted by the world's leading insurers, Shift delivers AI when and where it matters most, at scale and with proven results.
Our culture is built on innovation, trust, and a drive to transform the insurance industry through our SaaS platform. We come from more than 50 different countries and cultures and together we are creating the future of insurance.
The security team is a critical component of Shift Technology as no organization is immune to cyber-crime. The team is responsible for protecting information throughout the security infrastructure, edge devices, networks, and data. We strive to stay up to date with the latest tactics hackers are employing in the field in order to prevent data breaches by monitoring and reacting to attacks but the first step is finding the most qualified professionals to lead the way.
What you'll do...
As a Senior Security Architect, reporting to the CISO, you will be a senior member of the Information Security team, responsible for the end-to-end security architecture of our Azure-based SaaS platform and the creation, adoption, and governance of security architecture best practice across our organisation. You will serve as the subject matter expert for both cloud infrastructure and application security, partnering with engineering teams to embed security into the entire software development lifecycle (SDLC). You will design secure, scalable, and resilient solutions for our single- and multi-tenant offerings, ensuring the protection of our platform and our customers' data.
RESPONSIBILITIES
Cloud Security Architecture
Design and maintain the security reference architecture for our Azure-native, Windows, and Kubernetes-based SaaS products.
Act as the primary security consultant for product and engineering teams, providing authoritative guidance on secure design patterns for Azure infrastructure and services.
Review and approve architectural designs for new services to ensure they align with security principles (Zero Trust, defense-in-depth) and compliance requirements.
Define and enforce security standards for Azure networking, including VNet segmentation, firewalling, and private connectivity.
Product & Application Security
Lead threat modeling exercises (e.g., STRIDE) with development teams for new products and features to identify and mitigate risks early in the SDLC.
Develop and maintain secure coding standards and provide expert guidance on the prioritization and remediation of findings from SAST, DAST, and SCA tools.
Architect security solutions for the SaaS application layer, including tenant isolation, customer data segregation, secure APIs, and authentication/authorization patterns.
Data Security
Design and enforce security patterns for protecting data at rest and in transit across all Azure data platforms (e.g., Azure SQL, Cosmos DB, Databricks)
Partner with the Data Access Governance function to translate data classification policies into tangible technical access controls.
Architect solutions for secrets management, encryption, and key management, primarily leveraging Azure Key Vault.
Architect and design a secure data access solution using VDI (Azure Virtual Desktop), including the integration of Data Loss Prevention (DLP) and other data protection controls to prevent data exfiltration.
Security Engineering & Operations Enablement
Develop security-as-code and Infrastructure as Code (IaC) to create guardrails and proactively detect insecure configurations.
Serve as a senior technical escalation point for the Security Operations team during complex cloud security investigations.
Evaluate, prototype, and recommend new cloud security technologies and services to mature the overall security program.
SKILLS & BACKGROUND
Experience & Qualifications
At least seven (7) years of proven experience in a senior cloud security, product security, or security architecture role.
Bachelor’s Degree in a relevant field or equivalent work experience.
Relevant security or Azure certifications (e.g., AZ-500, CISSP) are highly desirable.
Architectural & Application Security Expertise
Proven experience designing security for multi-tenant SaaS applications in a public cloud environment, preferably Azure.
A firm understanding of core security principles like least privilege, defense-in-depth, and zero trust, and able to champion and educate colleagues on those principles.
Deep understanding of the OWASP Top 10, common application and cloud infrastructure security vulnerabilities, and their mitigation.
Hands-on experience with application security tools (SAST, DAST, SCA) and threat modeling methodologies such as STRIDE.
Azure Platform & Data Security Expertise
Strong knowledge of core Azure security services (e.