Job Description
Solutions Architect
Location: Western United States (CA / WA / CO preferred) – Remote-first with significant regional travel
About AppViewX
AppViewX is a global leader in machine and agentic identity security and automation. Our AVX platform is the industry’s most advanced cloud-native solution for Certificate Lifecycle Management (CLM), PKI-as-a-Service, SSH and key management, Kubernetes TLS automation, secure code signing, and Post-Quantum Cryptography (PQC) readiness. Trusted by six of the top ten global commercial banks, five of the top ten global media companies, and five of the top ten managed healthcare providers, AppViewX helps enterprises eliminate outages, accelerate Zero Trust adoption, and achieve cryptographic agility at scale.
Following our acquisition of Eos Cyber, AppViewX now delivers the industry’s first unified machine identity + agentic identity control plane - combining certificate automation with AI-native identity governance. This is an exceptional opportunity to join a PE-backed, high-growth company at the forefront of post-quantum and agentic identity security.
Our Values
- Clarity: We interact with transparency, simplicity, and shared purpose.
- Unity: We build unity through mutual respect, trust, and collaboration.
- Innovation: We stay curious, challenge assumptions, and drive continuous improvement.
- Speed: We act with urgency, focus, and follow-through to deliver results fast.
- Precision: We bring accuracy, consistency, and care to everything we do.
Role Overview
The Enterprise Solutions Architect (ESA) – WEST is a senior individual contributor who owns the technical sales lifecycle for AppViewX’s strategic enterprise accounts and prospects across the Western United States. This role is designed for a seasoned SE practitioner who brings deep Identity/PKI/CLM/PQC domain expertise, proven enterprise POC execution, and the ability to engage security leadership stakeholders with confidence.
The ESA will lead complex, multi-product opportunities at F500 and Global 2000 accounts — delivering architecture-level guidance on CLM automation, PKI modernization, and post-quantum cryptographic readiness (ML-KEM, ML-DSA, FIPS 204) - while contributing to the broader WEST region SE team’s capability and culture.
Key Responsibilities
Enterprise Pre-Sales Ownership
- Own the full technical sales lifecycle for enterprise accounts: technical discovery, solution design, architecture workshops, POC/POV execution, competitive displacement, and technical closure.
- Lead West region enterprise opportunities independently - including multi-product deployments spanning CLM, PKI, Code Signing, Kubernetes TLS, AIS and QTH.
- Develop account-level technical strategy, identifying expansion, upsell, and cross-sell opportunities within the installed base.
- Partner with Enterprise AEs and Regional Sales leadership to shape deal strategy and competitive positioning.
Customer & Executive Engagement
- Engage VP Infrastructure, VP Security, and CISO-level stakeholders with architecture-level conversations on machine identity, Zero Trust, and cryptographic modernization.
- Lead technical discovery sessions, architecture workshops, and competitive bake-offs at enterprise accounts.
- Represent AppViewX at industry events, trade shows, and partner forums across the Western United States.
POC / POV Delivery
- Architect and personally execute high-impact enterprise POCs/POVs — including technical prerequisites, integration scoping, success criteria definition, and executive readout.
- Maintain hands-on proficiency across AVX CLM, PKI, SSH, Kubernetes, Code Signing, AIS and QTH product lines.
- Develop and contribute to reusable POC playbooks, integration reference architectures, and technical runbooks.
Customer and Partner Advisory
- Serve as a credible field advisor on post-quantum cryptographic readiness for enterprise accounts.
- Articulate the NIST PQC standardization outcomes and their enterprise implications:
- Educate prospects on the Harvest-Now-Decrypt-Later (HNDL) threat and help shape customer PQC migration timelines and certificate inventory assessments.
- Serve as a credible field advisor on agentic identity governess for enterprise accounts.
Team Contribution & Enablement
- Contribute to the SE team’s competitive battlecards, RFP libraries, and shared knowledge base.
- Support partner enablement sessions with GSIs, VARs, and technology alliance partners across the Western region.
- Provide structured field feedback to Product Management on feature gaps, competitive pressures, and PQC integration requirements.
Required Qualifications
- 7+ years of experience in enterprise pre-sales, solutions architecture, or a senior technical customer-facing role within cybersecurity around identity (IAM) security.
- Solid hands-on expertise in two or more of the following:
- Public Key Infrastructure (PKI) — CA hierarchy design, ADCS, EJBCA, or commercial CA deployment
- Certificate Lifecycle Management (CLM) — enterprise automation platforms, integrations, and workflows
- Hardware Security Module (HSM) — Thales Luna, Utimaco, AWS CloudHSM, or Azure Dedicated HSM
- Identity & Access Management (IAM) — machine identity, workload identity, or service account governance
- Post-Quantum Cryptography (PQC) — ML-KEM (FIPS 203), ML-DSA (FIPS 204), hybrid composite certificates
- Demonstrated experience engaging VP- and Director-level security or infrastructure stakeholders.
- Proven ability to lead and close enterprise POC/POV engagements in complex multi-cloud and hybrid environments.
- Experience with hybrid cloud environments and modern infrastructure (e.g., Kubernetes, virtualization)
- Strong understanding of Zero Trust and identity-centric security models
- Proven track record in 6–12-month enterprise sales cycles involving multi-stakeholder procurement.
- Strong written and verbal communication skills; able to present to both engineering teams and security leadership.
- Bachelor’s degree in computer science, Information Systems, Cybersecurity, or equivalent experience.
- Based in Western United States with ability to travel 30–40% for customer, partner, and internal engagements.
Preferred Qualifications
- Experience displacing Venafi TPP/TaaS, Keyfactor Command, DigiCert ONE, or Entrust in competitive enterprise accounts.
- Familiarity with EJBCA, HashiCorp Vault PKI, or open-source CA platforms.
- Knowledge of certificate automation protocols: ACME, SCEP, EST, CMP.
- Scripting or automation experience: Bash, PowerShell, Python, or Ansible for POC support and demo environment management.
- Experience integrating CLM platforms with ServiceNow, Splunk, CyberArk, or enterprise ITSM/SIEM platforms.
- Experience supporting accounts in financial services, healthcare, federal/DoD, or critical infrastructure sectors.
- Relevant certifications: CISSP, CCSP, AWS Certified Security — Specialty, Microsoft Certified: Security Engineer, or equivalent.
- Awareness of CA/Browser Forum mandates (47-day TLS certificate validity) and implications for enterprise CLM automation.
