Vail Clinic Inc dba Vail Health Hospital

IT Security Architect


At a Glance

Location: Remote
Work Regime: Remote
Posted: 2026-02-16T10:33:54-05:00

Key Requirements

Domain Knowledge

  • Healthcare

Requirements

Five years of experience in Information Technology required (multiple areas preferred).

Three

Compensation & Benefits

Competitive Wages & Family Benefits:

Competitive wages

Parental leave (4 weeks paid)

Housing programs

Childcare reimbursement

Comprehensive Health Benefits:

Responsibilities

The Information Security Architect serves as the deputy leader for the Information Security program and is responsible for designing, implementing, and maintaining the organization’s enterprise security architecture to ensure the confidentiality, integrity, and availability of systems and data. This role owns security architecture and provides hands‑on guidance across Identity & Access Management (IAM/IGA/PAM), Security Operations (SIEM/XDR), Governance, Risk & Compliance (GRC), Cloud and Network Security, Security Automation, Incident Response, and Data Security & Access Governance. The Security Architect leads efforts to identify, assess, and mitigate security risks across infrastructure, applications, and enterprise systems; defines reference architectures and security guardrails; and drives zero‑trust adoption. Working closely with IT, compliance, and business stakeholders, this role integrates secure‑by‑design practices and enables proactive defense strategies aligned with organizational objectives and regulatory requirements, including those applicable to regulated healthcare environments (HIPAA, HITECH, HITRUST).

Owns the enterprise security architecture and multi-year roadmap, defining target-state designs, security standards, and investment priorities; acts as a trusted advisor to executive leadership and drives cross-functional delivery across IT, cloud, and product teams.

Establishes and governs enterprise identity, access, and data protection strategy, including SSO/MFA, federation (SAML, OIDC, OAuth), RBAC/ABAC, IGA lifecycle automation, privileged access management (PAM), and secrets and certificate management—enforcing least privilege and zero standing access at scale.

Defines and executes cloud security strategy across Azure and AWS by designing secure landing zones and zero-trust guardrails; implements and operationalizes CSPM, CWPP, and CIEM capabilities to continuously reduce cloud risk and misconfiguration exposure.

Leads network and Zero Trust architecture modernization, including micro-segmentation, NAC, next-generation firewalls, secure remote access, and policy enforcement; delivers measurable isolation of critical systems and reduction of lateral movement risk.