Lead Architect - Cyber Network

Why Work for Frontier Airlines?  

At Frontier, we believe the skies should be for everyone. We deliver on this promise through our commitment to Low Fares Done Right. This is more than our tagline - it’s our driving philosophy. Every member of Team Frontier has an important role to play in bringing this vision to life.  Our successful business model allows travelers to take advantage of our fast-growing route network, while our bundled and unbundled pricing options allow our customers to personalize their travel experience and only pay for the services they need, saving them money along the way.   

What We Stand For  

Low Fares Done Right is our mission, and we strive to bring it to life every day.   Our ‘Done Right’ promise means delivering not only affordable prices but also making travel friendly and easy for our customers.  To do this, we put a great deal of care into every decision and action we take. We must be efficient with the use of our resources and make smart decisions about how we run our business. We must also innovate and be pioneers - we’re not afraid to try new things.  While our business requires us to fly high in the air, we also consider ourselves down-to-earth in our approach, creating a warm and friendly experience that truly demonstrates Rocky Mountain Hospitality.  

Work Perks   

At Frontier, we like to think we’re creating something very special for our team members.  Work is why we’re here, but the perks are nice too:  

Flight benefits for you and your family to fly on Frontier Airlines

Buddy passes for your friends so they can experience what makes us so great

Discounts throughout the travel industry on hotels, car rentals, cruises, and vacation packages

Discounts on cell phone plans, movie tickets, restaurants, luggage, and over 2,000 other vendors

Enjoy a ‘Dress for your Day’ business casual environment

Flexible work schedules that support work/life balance

Total Rewards program including a competitive base salary, short-term incentives, long-term incentives, paid holidays, 401(k) plan, vacation/sick time, and medical/dental/vision insurance that begins the 1st of the month following your hire date.

We play our part to make a difference.  The HOPE League, Frontier Airlines’ non-profit organization, is dedicated to providing employees with financial assistance during catastrophic hardship

What Will You Be Doing?

The Lead Architect of Cyber Network is a key member of the Security Engineering organization responsible for designing, securing, and optimizing enterprise network and security infrastructure. This role leads advanced engineering initiatives across firewalls, endpoint security, identity, email security, and cloud platforms while partnering across IT, GRC, and business units to ensure systems remain resilient, compliant, and aligned with organizational risk objectives. The ideal candidate brings deep expertise in security architecture, vulnerability management, and incident response, with the ability to mentor teams and drive enterprise-wide security improvements.

Essential Functions

Endpoint, Email, and Identity Security

• Engineer and manage large-scale endpoint security deployments including EDR/EPP tools such as SentinelOne, CrowdStrike, and CyberArk EPM (60,000+ endpoints).
• Implement advanced email security technologies to reduce phishing risk and improve message hygiene, achieving measurable reductions in user‑reported phishing attempts.
• Enhance organization-wide DLP coverage using tools such as Zscaler ZIA/ZPA.

Vulnerability & Threat Management

• Lead vulnerability management programs using Qualys VMDR/TotalCloud, achieving near‑100% asset coverage and driving vulnerability reduction of 70%+.
• Develop metrics, dashboards, and reporting structures to communicate risk and compliance status to leadership.
• Collaborate with Security Operations to identify, analyze, and remediate threats across server, endpoint, and network environments.

Incident Response & Risk Management

• Serve as a senior incident responder, leading containment, investigation, root‑cause analysis, and coordinated remediation during major security events.
• Partner with GRC, legal, compliance, and business stakeholders to ensure alignment with PCI DSS, ISO 27001, SOC 2, HIPAA, SOX, and FDA requirements.
• Contribute to IT and organizational risk management programs by embedding security requirements into project design, architecture, and operational change management.

Leadership & Collaboration

• Lead and mentor cross-functional security engineering teams supporting networking, PKI, endpoint, and email security.
• Oversee global teams delivering SIEM, XDR, HIPS, and other threat mitigation capabilities.
• Support customer-facing activities including RFP reviews, security questionnaires, and contract assessments.

Required Qualifications

• CISSP certification (active)
• 10+ years combined experience in networking, security engineering, and systems architecture
• Expertise with Palo Alto NGFW, Zscaler ZIA/ZPA, Cisco FTD, and other enterprise network security platforms
• Strong proficiency in vulnerability management and endpoint security tooling (e.g., Qualys VMDR, SentinelOne, CrowdStrike)
• Hands-on experience with incident response and enterprise security operations
• Working knowledge of compliance frameworks: PCI DSS, ISO 27001, HIPAA, SOC 2, SOX
• Strong scripting and automation skills (PowerShell, Bash, Python, or similar)

Preferred Qualifications

• Cloud security experience across Azure and AWS (Azure Fundamentals, AWS Cloud Practitioner certifications)
• Experience deploying and managing large-scale identity and PKI systems
• Demonstrated ability to lead multi-regional teams and deliver enterprise-grade security programs
• Experience supporting GRC functions and interfacing with auditors, customers, and compliance teams

Preferred Qualifications

• Cloud security experience across Azure and AWS (Azure Fundamentals, AWS Cloud Practitioner certifications)
• Experience deploying and managing large-scale identity and PKI systems
• Demonstrated ability to lead multi-regional teams and deliver enterprise-grade security programs
• Experience supporting GRC functions and interfacing with auditors, customers, and compliance teams

Knowledge, Skills and Abilities

Preferred Technical Skills     

• Preferred Technical Skills
• Security Operations: SentinelOne, CrowdStrike, Google SecOps/Chronicle
• Vulnerability Management: Qualys VMDR/TotalCloud
• Networking: Palo Alto NGFW, Cisco FTD, Zscaler ZIA/ZPA
• Programming & Automation: Bash, PowerShell, C#, Java, Python
• Compliance: NIST, SOC 2, PCI, ISO 27001, HIPAA, SOX 

Equipment Operated

Standard office equipment, including PC, copier, fax machine, printer 

Work Environment

Typical office environment, adequately heated and cooled 

Physical Effort

Light physical effort required by handling objects up to 20 pounds occasionally and/or up to 10 pounds frequently. 

Supervision Received

Considerable Latitude:  The incumbent establishes methods and procedures for attaining specific goals and objectives, and receives guidance in terms of broad goals.  Only the final results of work are typically reviewed. 

Positions Supervised

None

Salary Range: $137,643 - $182,696- Please note; This posting will close on or before 3/23/2026. 

Workplace Policies

Disclaimer: The above statements are intended only to describe the general nature and level of work required of the referenced position; they are not intended to be an exhaustive list of all responsibilities, duties, and skills required of individuals in this position. Please be advised that duties and expectations of this position may be subject to change.

Frontier Airlines, Inc. is an equal opportunity employer and, as such, is committed to providing equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, national origin, age, marital status, veteran status, sexual orientation, gender identity or expression, disability status, pregnancy, genetic information, citizenship status or any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Frontier Airlines is a Zero Tolerance Drug-Free Workplace. All prospective DOT safety-sensitive employees are subject to pre-employment testing for the following drugs and their metabolites: Marijuana, Cocaine, Amphetamines, Opioids and Phencyclidine (PCP). Further, any DOT safety-sensitive job applicant who is found to have tested positive on any required drug or alcohol test at a former employer will be considered ineligible for employment with Frontier.

Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.