Senior Security Architect

About The Position

Requirements

• 7+ years of experience in security architecture, cloud security, or application security roles with hands-on implementation experience in AWS and Azure. 
• Strong understanding of regulatory and security frameworks including HIPAA Security Rule, NIST Cybersecurity Framework, ISO 27001, and SOC 2 control requirements. 
• Demonstrated ability to translate regulatory requirements and industry best practices into practical, scalable cloud and application security controls. 
• Experience enhancing or building a Secure Development Lifecycle, including threat modeling, SAST/DAST integration, dependency management, and secure code review practices. 
• Deep knowledge of cloud-native security architecture including IAM, network segmentation, encryption strategies, logging, monitoring, and zero-trust principles. 
• Familiarity with AI security considerations, including model risk, data protection, secure integration patterns, and governance frameworks. 
• Experience with automation and infrastructure-as-code tools such as Terraform, CloudFormation, or similar is a plus. 
• Relevant certifications preferred (CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, or similar). 
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related field, or equivalent experience. 

Responsibilities

• Lead secure design reviews for applications, APIs, cloud infrastructure, and multi-tenant systems across AWS and Azure. 
• Design, implement, and document cloud security controls aligned to HIPAA, NIST CSF, ISO 27001, SOC 2, and other relevant frameworks. 
• Enhance and operationalize the Secure Development Lifecycle, embedding threat modeling, secure coding standards, automated testing, and DevSecOps practices into engineering workflows. 
• Contribute directly to infrastructure-as-code, CI/CD pipelines, and cloud configurations to ensure controls are implemented effectively, not just documented. 
• Guide the secure adoption of AI technologies, ensuring appropriate data classification, access controls, monitoring, and governance guardrails are in place. 
• Develop and maintain security reference architectures, design standards, and reusable patterns that scale across tenants and environments. 
• Partner with engineering and DevOps teams to reduce interactive production access, implement least-privilege access models, and strengthen centralized logging and monitoring. 
• Support audit readiness by mapping technical implementations to regulatory and contractual control requirements. 
• Have fun in doing what we do! 

Benefits

• We offer a highly competitive medical, dental and vision plans as well offering a generous 401k match and all employees start accruing vacation and sick time from their very first day. We empower employee development through our tuition reimbursement plan, professional development plans, and employee-led communities.