Position :: Senior Information Security Architect
Location :: 100% Remote
Duration :: 6+ months
Interview :: Phone and Video
Job Description:
Required Qualifications
Must-Have Experience
• Recent experience within healthcare insurance
• Strong, hands-on experience with NIST frameworks
• Strong, hands-on experience with HITRUST
• Experience with AI and/or Generative AI security concepts
Position Overview
Senior Information Security Architect
Location: 100% Remote (Eastern hours)
Type: 6‑month Contract-to-Hire
Role Overview
We are seeking a highly experienced Senior Information Security Architect to provide strategic and hands-on security architecture leadership within a regulated healthcare insurance environment. This role will serve as a key authority across enterprise security domains, ensuring that security architecture aligns with regulatory requirements while enabling modern technology adoption.
The architect will play a critical role in shaping, governing, and approving security designs across the organization, translating complex compliance and risk requirements into scalable, enforceable security solutions.
You will provide architecture leadership across all security domains, including Security Operations (SecOps), Application Security (DevSecOps), Cloud, Identity, Data Protection, and Generative AI within our regulated health insurance payer environment.
You will serve as a voting member of the Architecture Review Board (ARB), providing security approval for all major technology initiatives. You will be responsible for translating complex regulatory and risk requirements (HIPAA, HITRUST) into an enforceable, modern security architecture that protects our most critical assets.
Key Responsibilities
Enterprise Security Architecture & Governance
• Act as a senior security authority within enterprise architecture governance, providing formal review and approval of major technology initiatives
• Define, maintain, and evolve security architecture principles, standards, and reference architectures
• Ensure alignment with healthcare regulatory and security frameworks including HIPAA, HITECH, HITRUST, and NIST
• Partner closely with senior technology and security leadership to drive secure-by-design outcomes
Security Operations Architecture (SecOps)
• Provide architectural leadership for Security Operations capabilities
• Design and evolve scalable solutions supporting SIEM, SOAR, threat intelligence, detection engineering, and incident response
• Establish enterprise logging, monitoring, and forensic readiness standards to support audit and regulatory needs
Application Security & DevSecOps
• Lead application security architecture across custom and third-party systems
• Define secure SDLC patterns, API security standards, and development guardrails
• Drive security integration into CI/CD pipelines and promote DevSecOps best practices across engineering teams
Cloud, Identity & Data Protection
• Architect security for cloud and hybrid environments (IaaS, PaaS, SaaS)
• Drive Zero Trust principles with an identity-first, least-privilege approach
• Design protections for sensitive data (PHI, PII, financial data) including encryption, tokenization, key management, and DLP
• Establish IAM standards for SSO, MFA, PAM, workforce, and consumer identity
AI & Emerging Technology Security
• Define and govern security guardrails for AI and Generative AI solutions
• Provide architecture guidance across the AI/ML lifecycle, including data handling, model usage, inference, and API security
• Partner with technology teams to manage emerging risks related to AI adoption
Leadership & Documentation
• Serve as a trusted advisor to security and technology leaders
• Mentor security engineers and architects
• Produce high-quality architecture documentation including reference models, decision records, and roadmaps
Never miss an opportunity! Create an alert based on the job you applied for.
