Security Architect

Security Architect

The Security Architect provides critical security oversight, risk management and architectural guidance for a new technology platform we are implementing. The large-scale implementation involves the complex migration of multiple in-house, on-premises applications to a third-party Healthcare Information Technology solution hosted in the cloud. The architect will be instrumental in ensuring the confidentiality, integrity and availability of sensitive patient and corporate data throughout the migration and in the resulting cloud environment.

This role requires a deep understanding of cloud security best practices, healthcare compliance standards (like HIPAA/HITECH), and a proven ability to translate complex business requirements into robust and scalable security architectures. The Security Architect will report to the Director of Security Architecture and Cloud Security.

Working arrangement: Hybrid (3 days in office & 2 days WFH). Locations:
Secaucus, NJ;
Schaumburg, IL;
Lenexa, KS;
Addison, TX;
Tampa, FL.

Pay Range: $,000/year.

Benefits:

• Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours
• Best-in-class well-being programs
• Annual, no-cost health assessment program Blueprint for Wellness
• healthy
  
  MINDS mental health program
• Vacation and Health/Flex Time
• 6 Holidays plus 1 "MyDay" off
• Fin Fit financial coaching and services
• 401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service
• Employee stock purchase plan
• Life and disability insurance, plus buy-up option
• Flexible Spending Accounts
• Annual incentive plans
• Matching gifts program
• Education assistance through MyQuest for Education
• Career advancement opportunities
• and so much more!

• Validate, and if necessary, update the security architecture for the target cloud-based HIT environment, ensuring alignment with organizational security policies, industry best practices (e.g. NIST) and compliance frameworks.
• Evaluate the security posture of the third-party HIT solution and the underlying cloud infrastructure, identifying and documenting architectural gaps and control deficiencies.
• Develop security requirements and controls for application integration, data transfer, identity and access management, data encryption (in transit and at rest), network segmentation, and logging/monitoring within the cloud environment.
• Collaborate with project teams, application owners and the third-party vendor to ensure security is "built-in" from the initial planning and design phases.

• Collaborate with the Risk Management team to ensure security findings are documented and remediation plans are in place as discovered.
• Provide guidance on HIPAA Security and Privacy Rules, HITECH Act and other relevant regulations (e.g. PCI-DSS) to ensure the solution meets all regulatory requirements for protecting sensitive data.
• Define security metrics, reporting mechanisms, and audit trails to demonstrate ongoing compliance and security effectiveness.

• Serve as the primary security subject matter expert (SME) for the migration project, advising senior leadership and technical teams on security implications.
• Review and approve technical security configurations, including firewall rules, encryption key management, security information and event management (SIEM) integration, and access controls.
• Work with the Risk Management team to incorporate security governance processes for the new environment.

• Minimum 7 years of progressive experience in IT security with at least 3 years focused on security architecture and design for complex enterprise-level systems.
• Cloud Security:
  Deep, hands‑on experience with security solutions in a major public cloud platform (AWS, Azure, and/or GCP).
• Healthcare Compliance:
  Demonstrated expertise with HIPAA/HITECH and proven ability to design and implement controls required for PHI in a cloud environment.
• Strong knowledge of networking protocols, encryption techniques, zero-trust principles and cloud security guardrails.
• Proficiency in security‑as‑code and cloud native security tools (e.g.…