Principal Enterprise Endpoint Security Portfolio Architect (Remote)

Principal Enterprise Endpoint Security Portfolio Architect (Remote)Join to apply for the Principal Enterprise Endpoint Security Portfolio Architect (Remote) role at RTXDate Posted: 2025-11-18Country: United States of AmericaLocation: TX234: Richardson 1717 CityLine 1717 East CityLine Drive Building C17, Richardson, TX, 75082 USAPosition Role Type: RemoteU.S. Citizen, U.S. Person, or Immigration Status Requirements: The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearanceSecurity Clearance: DoD Clearance: SecretRole OverviewRTX Enterprise Cybersecurity Services (ECS) is seeking a Lead Enterprise Endpoint Security Portfolio Architect to define the strategy and architecture for securing endpoints across our global enterprise. This leader will also serve as the cybersecurity portfolio owner for endpoint security technologies, responsible for lifecycle management, vendor strategy, and ensuring our workforce devices remain secure and compliant.In this high-impact role, you'll shape how we protect laptops, desktops, mobile devices, and specialized platforms, while ensuring endpoint security is a key enabler of our Zero Trust strategy and enterprise resilience.The ideal candidate is a senior enterprise architect with deep technical expertise in endpoint security (EDR/XDR, UEM/MDM, OS hardening, and encryption) combined with the leadership skills to drive strategy, vendor rationalization, and global adoption.What You Will DoDefine and maintain enterprise endpoint security reference architectures and roadmaps across Windows, macOS, Linux, iOS/Android, and specialized devices (IoT/OT where applicable)Serve as portfolio owner for endpoint security solutions, including lifecycle management, investment planning, vendor strategy, and cost optimizationLead design and adoption of modern endpoint protection platforms (NGAV, EDR, XDR) and ensure integration with SOC/SIEM/SOAR for advanced detection and responseEstablish endpoint hardening, encryption, and privilege management standards (BitLocker, FileVault, AppLocker/WDAC, Just-in-Time access)Drive UEM/MDM strategies (Intune, JAMF, Workspace ONE, etc.) to secure corporate, BYOD, and hybrid device environmentsEnsure endpoint posture and compliance signals integrate into Zero Trust and conditional access modelsCollaborate with IT, security, and operations teams to balance strong endpoint protection with workforce usability and productivityLead architectural risk assessments for endpoint platforms and ensure alignment with regulatory frameworks (NIST, ITAR/EAR, ISO 27001, CIS Benchmarks)Mentor engineers and architects, raising enterprise capability in endpoint security best practicesDevelop and track KPIs/metrics that demonstrate endpoint risk reduction, adoption of security controls, and value realization from endpoint investmentsQualifications You Must HaveTypically requires a University Degree or equivalent experience and a minimum 12 years of experience, or an Advanced Degree and a minimum 10 years experience.10+ years experience in cybersecurity, and/or information technology, or related intelligence community, military, or civil service fields.10+ years experience with endpoint protection technologies (CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Palo Alto Cortex, etc.) and integration with SOC workflowsExperience leading endpoint security architecture at enterprise scale, preferably in global or regulated industries.The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.Qualifications We PreferCISSP, CISM, or vendor-specific IAM certifications a plusStrong knowledge of UEM/MDM platforms (Intune, JAMF, Workspace ONE) and endpoint posture compliance modelsHands-on experience with OS hardening, endpoint privilege management, encryption, and application controlFamiliarity with Zero Trust frameworks (NIST SP 800-207, CISA ZTMM) and integration of device trust signals into access policiesUnderstanding of enterprise architecture methods (TOGAF, SABSA, DoDAF) and security frameworks (NIST CSF, CIS Controls, MITRE ATT&CK)Excellent communication and leadership skills, with the ability to influence senior executives and guide large-scale changePossesses an established track record of continuous learning and improvement, particularly with emerging technologies and security subject mattersWhat We OfferWhether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some benefits include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.Work Location: Remote. The successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories) and may be expected to travel to the site location as needed.Salary range: 147,000 USD – 295,000 USD (approximate). Benefits and compensation are based on experience, role, and location.RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.J-18808-Ljbffr