IT Security Architect

Job Overview The Information Security Architect serves as the deputy leader of the Information Security program and is responsible for designing, implementing, and maintaining the organization’s enterprise security architecture. This role ensures the confidentiality, integrity, and availability of systems and data while guiding strategy and execution across identity and access management, security operations, cloud and network security, governance and compliance, incident response, automation, and data protection. The architect partners with IT, compliance, and business teams to implement secure‑by‑design principles and meet regulatory requirements, including HIPAA, HITECH, and HITRUST.

Responsibilities

• Own the enterprise security architecture, target‑state designs, and multi‑year roadmap; advise executive leadership and lead cross‑functional delivery across IT and cloud teams.
• Develop and govern identity, access, and data protection strategies including SSO, MFA, federation (SAML, OIDC, OAuth), RBAC/ABAC, lifecycle automation, PAM, and certificate management.
• Define and execute cloud security strategy for Azure and AWS; design secure landing zones and zero‑trust guardrails; implement CSPM, CWPP, and CIEM to reduce risk and misconfigurations.
• Modernize network and Zero Trust architecture, including micro‑segmentation, NAC, next‑generation firewalls, secure remote access, and policy enforcement to limit lateral movement.
• Lead security operations architecture, enhancing SIEM and XDR detection capabilities across endpoint, identity, email, cloud, and network telemetry.
• Own incident response architecture and readiness, including playbooks, forensic preparedness, and post‑incident reviews.
• Drive security automation and orchestration via SOAR and API integrations for incident response, access reviews, vulnerability workflows, and evidence collection.
• Strengthen email and social engineering defenses using DMARC, DKIM, SPF, advanced BEC protections, and SASE/SEG integrations.
• Lead vulnerability and patch governance, including risk‑based prioritization, remediation SLAs, dashboards, and validation of fixes.
• Embed GRC requirements into architecture aligned with HIPAA, HITECH, HITRUST, NIST CSF/NIST 800 series, CIS Controls, and ISO 27001.
• Apply healthcare‑specific security patterns for PHI, EHR/EMR systems, and connected clinical devices when applicable.
• Lead security platform and vendor strategy, including evaluation, rollout, optimization, and measurement of risk reduction.
• Model organizational values and maintain HIPAA compliance.
• Perform other duties as assigned.

Minimum Experience Requirements

• Five years of Information Technology experience (multiple domains preferred).
• Three years of experience in healthcare information security preferred.
• Knowledge of network hardware configuration, protocols, and healthcare security requirements.
• Experience creating policies and understanding EMR systems preferred.

Education

• Bachelor’s degree in Computer Science or Information Systems preferred.

Licenses and Certifications

• CISSP required.
• Additional certifications desired: CISM, CISA, Microsoft, Cisco.

By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.