Associate Security Architect (Cloud & Enterprise)

At SCP Health, what you do matters

As part of the SCP Health team, you have an opportunity to make a difference. At our core, we work to bring hospitals and healers together in the pursuit of clinical effectiveness. With a portfolio of over 8 million patients, 7500 providers, 30 states, and 400 healthcare facilities, SCP Health is a leader in clinical practice management spanning the entire continuum of care, including emergency medicine, hospital medicine, wellness, telemedicine, intensive care, and ambulatory care.

Why you will love working here:

- Strong track record of providing excellent work/life balance.

- Comprehensive benefits package and competitive compensation.

- Commitment to fostering an inclusive culture of belonging and empowerment through our core values - collaboration, courage, agility, and respect.

Responsibilities:

Architecture & Design

• Define security requirements, best practices, and reference architectures for hybrid multi-cloud (AWS, Azure) and on-premises environments.
• Design and implement security controls for DevSecOps and CI/CD pipelines.
• Establish best practices for Cloud Security Posture Management (CSPM) and secure Infrastructure-as-Code (IaC).
• Apply SaaS Security Posture Management (SSPM) standards for enterprise SaaS applications.
• Support architecture and security reviews to identify vulnerabilities and recommend mitigation strategies.
• Evaluate and integrate emerging security technologies and practices across cloud and enterprise systems.

Enterprise Security Enablement

• Support enterprise IAM and PAM strategies, including MFA, SSO, certificate, and secrets management.
• Ensure security for enterprise platforms, including network, endpoint, and data security.
• Contribute to compliance, governance, and audit readiness efforts (HIPAA, HITRUST, SOC 2, SOX, ISO 27001, NIST CSF).
• Align security initiatives with enterprise IT roadmaps and transformation programs.

Collaboration & Culture

• Partner with IT, DevOps, Data, and Application teams to embed security throughout the development, testing, and deployment lifecycle.
• Provide security mentorship, training, and guidance across technical teams.
• Advocate for a security-first culture and serve as a bridge between technical staff, business stakeholders, and leadership.
• Engage with auditors, regulators, and executives to communicate security posture, risks, and remediation strategies.

Knowledge, Skills, and Abilities:

• Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, HITRUST, SOX, SOC 2, CIS Controls.
• Cloud Security: AWS Security Hub, Azure Security Center, IAM, encryption, monitoring.
• Enterprise Security: Network segmentation, endpoint security, DLP, vulnerability management.
• Application Security: OWASP Top 10, secure SDLC, CI/CD security, DevSecOps.
• Data Security & Privacy: Encryption, DLP, data classification, GDPR, CCPA compliance.
• Identity & Access Management: IAM, PAM, MFA, SSO, certificate/secrets management.
• Automation & Tooling: Terraform, Python, PowerShell, security orchestration.
• Soft Skills: Strategic thinking, strong communication, collaboration, and mentoring abilities.

EDUCATION (Required and/or Preferred):

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
• Master’s degree in Computer Science or related field, preferred

FIELD OF STUDY:

• Computer Science
• Information Security
• Cyber Security
• Information Technology

WORK EXPERIENCE/QUALIFICATIONS:

• 5+ years in cybersecurity, with at least 2+ years in architecture or engineering roles spanning both cloud and enterprise environments.
• Hands-on experience designing and implementing security controls for AWS and/or Azure.
• Familiarity with hybrid infrastructure security, IAM, PAM, and enterprise platforms.
• Experience with compliance frameworks (HIPAA, HITRUST, SOC 2, NIST CSF, ISO 27001, CIS).
• Proficiency in threat modeling, risk assessment, and security control design.
• Experience with CSPM, SSPM, and secure DevOps practices.
• Strong Microsoft Excel and Visio/Lucid skills.
• Experience in healthcare security and regulatory environments, preferred
• Knowledge of container security (Kubernetes, Docker) and cloud-native security, preferred
• Experience with security automation, scripting, and orchestration, preferred

CERTIFICATES AND LICENSES:

• Certifications such as CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC (GCSA, GSEC, GPEN, etc.), preferred

PRIMARY LOCATION:

• Atlanta, GA
• Dallas, TX
• Lafayette, LA
• Traverse City, MI

SECONDARY LOCATION(S):

• US-based Hybrid

#LI-PM1