Lead Security Architect

Company: Natera
Location: San Carlos, CA, USA
Salary: $172400 – $215450
Type: Full-Time
Degrees: Bachelor’s, Master’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field required
  • Master’s degree in Computer Science, specifically in Information Security or a related discipline is strongly preferred
  • Minimum of 12 years of progressive experience in cybersecurity, including at least 5 years in a security architecture or senior-level engineering role
  • Deep experience in threat modeling, designing, building PoCs for, and implementing large-scale enterprise solutions (ideally in the healthcare or financial sectors)
  • Proven ability to design and implement security controls aligned with compliance frameworks such as HIPAA, NIST, and CIS
  • Extensive hands-on experience in AWS cloud security and network security, with extended knowledge of Zero Trust, data protection, and AppSec
  • Strong understanding of enterprise identity and access management (IAM) systems and data protection, including platforms like Okta, SailPoint, VDI, and Active Directory (AD)
  • Expert experience with SIEM platforms, XDR, and cloud-native threat detection tools
  • Expert experience in web application security, OWASP, API security, and secure design and testing
  • Hands-on experience with security automation is required, along with proficiency in AI-assisted development and familiarity with Python, Cursor, Lambda, Terraform, or a comparable scripting and infrastructure-as-code (IaC) tool, to drive operational efficiency and consistency

Responsibilities

  • Lead the development and implementation of enterprise-wide security architecture strategies and frameworks
  • Develop and maintain threat models and security reference architectures for AWS and on-premises environments, with a strong emphasis on Zero Trust principles, identity and access management (IAM), encryption, secure access controls, and SIEM and XDR platforms
  • Partner with Engineering, DevOps, IT, and Compliance teams to ensure secure system design and security-by-default principles are embedded into infrastructure and applications
  • Collaborate with DevOps and engineering teams to embed security into CI/CD workflows and Infrastructure-as-Code (IaC) processes
  • Establish and enforce security best practices in containerized environments (e.g., EKS, ECS) and AI-enabled applications, including workload protection, runtime monitoring, and secrets management
  • Support the secure design, development, and deployment of AI/ML solutions and data pipelines, ensuring robust controls around model access, training data, and infrastructure
  • Champion the use of security automation and playbooks using tools such as Python, Lambda, Terraform, and others to streamline security testing, threat detection, and remediation workflows
  • Evaluate and recommend security tools, platforms, and automation approaches that align with business goals and security requirements
  • Perform architectural risk assessments for new and existing systems, and provide actionable guidance and mitigation strategies for identified risks
  • Work closely with the Incident Response team to ensure security architecture is aligned with current and emerging threat landscapes
  • Participate in design reviews, conduct threat modeling exercises, and contribute to architecture governance and decision-making processes
  • Influence the development of security policies and standards to align with industry best practices and regulatory frameworks (e.g., HIPAA, NIST, CISA, FDA)
  • Stay current on industry trends, emerging threats (including AI-driven threats), and technologies to continuously enhance the organization’s security posture
  • Serve as a trusted technical and strategic advisor to executive leadership on security architecture, technology risks, and mitigation strategies
  • Mentor and provide guidance to security engineers and developers on secure design principles and architectural best practices

Preferred Qualifications

  • Industry certifications preferred: CISSP, CCSP, AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, or AWS Certified Advanced Networking – Specialty (or equivalent)