Information Security Executive Advisor

Elevance Health•Indianapolis, IN

1d•Hybrid

About The Position

Develops strategic and tactical plans for a comprehensive enterprise-wide information security program. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls. Seeking an experienced Cloud Security Architect to lead the design, implementation, and governance of security architecture across a complex multi-cloud environment (AWS, Azure, GCP). This role is responsible for developing secure cloud strategies, defining architectural standards, and ensuring regulatory compliance while enabling scalable, resilient, and secure cloud adoption. The ideal candidate combines deep technical expertise in cloud platforms with strong risk management, security architecture, and stakeholder engagement skills.

Requirements

BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.

Nice To Haves

Broad-based experience to plan and design highly complex systems is strongly preferred
Expert knowledge and understanding of industry-accepted data processing controls and concepts strongly preferred as applied to Security
CISSP preferred and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications)
AWS Certified Security – Specialty preferred
Microsoft Certified: Azure Security Engineer preferred
Google Professional Cloud Security Engineer preferred
Hands-on experience securing AWS, Azure, and/or GCP environments strongly preferred
Strong knowledge of: Cloud networking and segmentation IAM and identity federation Encryption and key management (KMS, HSM) Container and Kubernetes security Infrastructure-as-Code security
Experience implementing CSPM/CNAPP tools (e.g., Prisma Cloud, Wiz, Defender for Cloud, Lacework, etc.)
Knowledge of Zero Trust architecture principles preferred
Experience with regulatory compliance in cloud environments preferred

Responsibilities

Establishes architecture oversight and planning for information and network security technologies
Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations
Establishes strategic vendor relationships for security products and services
Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements
Provides advanced level engineering design functions
Provides trouble resolution and serves as point of technical escalation on complex problems
Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise
Provides technical guidance and leadership to the technical engineers within the organization
Participates in the design of the enterprise architecture
Proposes opportunities to improve results based on targeted or continuous assessment
Researches relevant trends and activities in healthcare, business, competition and regulatory environments; recommends strategy adjustments
Participates in enterprise planning activity, including vendor assessment, technology platform selection & retirement, prioritization and integration
Capable of serving as technical merger & acquisition lead
Routinely acts as a subject matter expert for executive management
Must be capable of providing top-tier support for 6 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.