Principal Security Architect

About The Position

Requirements

• 15+ years of relevant work experience (8+ years in architecture)
• 10+ years of experience building or securing large-scale business applications using modern technologies and architectural patterns.
• 10+ years of experience designing secure integrations with a focus on performance, resilience, and loose coupling using APIs, microservices, and event-driven architecture.
• 8+ years of experience and proficiency with modern languages, frameworks, and associated secure development practices.
• 6+ years of experience facilitating implementation of secure north star architectures by delivery teams through mentoring and building POCs, secure patterns, and other collaborative activities.
• Expert-level understanding of security architectural methodologies/best practices, regulatory and compliance requirements, and risk frameworks that influence architecture decisions.
• Recognized technical leader with full stack technology knowledge and recognized as an expert in one or more security domains like Identity & access management (IAM), network security, cloud security (AWS/Azure/GCP), data protection, zero trust, or security operations.
• Experience recognizing the impact security architecture decisions can have on strategic business decisions.
• Substantial experience with requirements analysis, risk assessment, estimation, and secure application design.
• Experience defining architecture using the C4 model or equivalent, with a focus on system context, container, component diagrams, including secure trust boundaries.
• Expert understanding of architectural governance, security design patterns, AI safety controls, secure development standards, and best practices.
• A diverse technical background with key areas of depth around AI/ML/Agentic AI security, cloud security, data platform security, hybrid solutions and operating securely at scale.
• Excellent collaboration, influencing, negotiation, coaching and coalition-building skills.

Nice To Haves

• Experience developing security architecture using agile methodology or SAFe practices.
• Experience in AI security architecture and practical application of AI technologies.
• Experience with the concepts and practical application of AI security, and the future of secure autonomous systems.
• A self-starter that is naturally inquisitive and proactive in identifying threats and emerging risks.

Responsibilities

• Be part of a team responsible for enabling secure technology solutions that meets our business strategy and drives business value.
• Define and collaborate on the creation of security roadmaps, security reference architectures, standards, best practice documents, and secure-by-design reference implementations that accelerate delivery while ensuring safety and compliance.
• Evaluate market trends in cybersecurity, execute buy vs. build decisions and assess cost and the risk impact on targeted business outcomes.
• Define future state security architecture that supports secure adoption of Artificial Intelligence, APIs, data stores, cloud infrastructures, cloud services, and microservices.
• Collaborate and consult with technology, cybersecurity, and business partners to optimize business applications and systems that adopt modern and secure architectures, especially around AI.
• Develop and maintain a strategic vision for the secure use of AI technologies, aligned to the CVS Health platform based on key business drivers, regulatory requirements, and emerging threat trends.
• Define and collaborate on the creation of security frameworks for the enterprise that promote reuse, reduces cost, manages risk, and increases speed to market.
• Effectively build and maintain strong relationships with technology, cybersecurity, and business partners to establish trust and influence key security decisions.
• Provide guidance, direction and mentorship to engineers and other stakeholders regarding security architecture and secure design of enterprise applications.
• Ensure all Non-Functional Security Requirements (e.g., authentication, authorization, resilience, encryption, auditability, availability, etc.) are properly articulated, and work with all parties to guarantee that delivered software products meet these objectives.
• Participates in high-level security estimation and security evaluation of AI-enabled solutions.
• Mentor and coach junior architects and seek the opportunity to bring continuous improvement in secure engineering and enterprise security practices.

Benefits

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.