Full-Time Security Architect

In this role, you will design, build, and maintain a secure enterprise architecture, with a strong focus on embedding security throughout the software development lifecycle (SDLC).

• Design and implement secure cloud architectures and controls (AWS, Azure, Oracle) tailored to healthcare applications and data.
• Lead the adoption of secure SDLC practices across software development teams, ensuring security is embedded throughout the development lifecycle.
• Integrate security controls into CI/CD pipelines by collaborating with DevOps and engineering teams
• Deploy and manage DAST tools to detect and remediate runtime vulnerabilities in web and API-based applications.
• Establish and promote secure coding standards aligned with OWASP and industry best practices.
• Conduct threat modeling and security risk assessments for new features, platforms, and system architectures.
• Ensure compliance with healthcare and other regulations such as HIPAA, HITRUST, SOX, and PCI.
• Develop and enforce cloud security policies, standards, and best practices.
• Provide expert security input during engineering, IT infrastructure, and application design reviews.
• Identify and address threats and attack vectors, including XSS, SQL injection, session hijacking, and social engineering.
• Configure and optimize SIEM tools (e.g., CrowdStrike, Azure Sentinel) to enhance log analysis, threat detection, and incident response capabilities.
• Design and implement robust cloud security measures, including identity and access management, encryption, and network security.
• Lead or support vulnerability assessments and penetration testing for web applications and cloud infrastructure.

EDUCATION/TECHNICAL REQUIREMENTS

• Bachelor’s degree in computer science, engineering, Cybersecurity, or related field.
• 7+ years of experience in cybersecurity, with 3+ years focused on security architecture and securing clouds.
• Strong understanding of HIPAA, PCI, HITRUST, SOX, SOC2 and other compliance requirements.
• Proficiency in cloud security frameworks (e.g., CSA CCM, NIST 800-53, CIS Benchmarks).
• Strong experience with one of the following AWS/Azure/Oracle.
• Experience with infrastructure as code (IaC) security (e.g., Terraform, CloudFormation).
• Working knowledge of CrowdStrike and Veracode.
• Hands-on experience with DevOps practices and security integration into CI/CD pipelines.
• Familiarity with container security (e.g., Kubernetes, Docker) and serverless security.
• Certifications such as CCSP, CISSP, AWS Certified Security Specialty are preferred.

What is the last date for applying to the job?

Which countries are accepted for this remote job?