Associate Security Architect (Cloud & Enterprise)

About The Position

Requirements

• 5+ years in cybersecurity, with at least 2+ years in architecture or engineering roles spanning both cloud and enterprise environments.
• Hands-on experience designing and implementing security controls for AWS and/or Azure.
• Familiarity with hybrid infrastructure security, IAM, PAM, and enterprise platforms.
• Experience with compliance frameworks (HIPAA, HITRUST, SOC 2, NIST CSF, ISO 27001, CIS).
• Proficiency in threat modeling, risk assessment, and security control design.
• Experience with CSPM, SSPM, and secure DevOps practices.
• Strong Microsoft Excel and Visio/Lucid skills.
• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
• Knowledge, Skills, and Abilities: Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, HITRUST, SOX, SOC 2, CIS Controls.
• Cloud Security: AWS Security Hub, Azure Security Center, IAM, encryption, monitoring.
• Enterprise Security: Network segmentation, endpoint security, DLP, vulnerability management.
• Application Security: OWASP Top 10, secure SDLC, CI/CD security, DevSecOps.
• Data Security & Privacy: Encryption, DLP, data classification, GDPR, CCPA compliance.
• Identity & Access Management: IAM, PAM, MFA, SSO, certificate/secrets management.
• Automation & Tooling: Terraform, Python, PowerShell, security orchestration.
• Soft Skills: Strategic thinking, strong communication, collaboration, and mentoring abilities.

Nice To Haves

• Experience in healthcare security and regulatory environments, preferred
• Knowledge of container security (Kubernetes, Docker) and cloud-native security, preferred
• Experience with security automation, scripting, and orchestration, preferred
• Certifications such as CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC (GCSA, GSEC, GPEN, etc.), preferred
• Master’s degree in Computer Science or related field, preferred

Responsibilities

• Architecture & Design Define security requirements, best practices, and reference architectures for hybrid multi-cloud (AWS, Azure) and on-premises environments.
• Design and implement security controls for DevSecOps and CI/CD pipelines.
• Establish best practices for Cloud Security Posture Management (CSPM) and secure Infrastructure-as-Code (IaC).
• Apply SaaS Security Posture Management (SSPM) standards for enterprise SaaS applications.
• Support architecture and security reviews to identify vulnerabilities and recommend mitigation strategies.
• Evaluate and integrate emerging security technologies and practices across cloud and enterprise systems.
• Enterprise Security Enablement Support enterprise IAM and PAM strategies, including MFA, SSO, certificate, and secrets management.
• Ensure security for enterprise platforms, including network, endpoint, and data security.
• Contribute to compliance, governance, and audit readiness efforts (HIPAA, HITRUST, SOC 2, SOX, ISO 27001, NIST CSF).
• Align security initiatives with enterprise IT roadmaps and transformation programs.
• Collaboration & Culture Partner with IT, DevOps, Data, and Application teams to embed security throughout the development, testing, and deployment lifecycle.
• Provide security mentorship, training, and guidance across technical teams.
• Advocate for a security-first culture and serve as a bridge between technical staff, business stakeholders, and leadership.
• Engage with auditors, regulators, and executives to communicate security posture, risks, and remediation strategies.

Benefits

• Strong track record of providing excellent work/life balance.
• Comprehensive benefits package and competitive compensation.
• Commitment to fostering an inclusive culture of belonging and empowerment through our core values - collaboration, courage, agility, and respect.