What are the responsibilities and job description for the Principal Security Architect position at Aleron?
Description
As the Principal Security Architect, you will be responsible for defining and implementing the enterprise-wide security architecture strategy. You will lead the development of security frameworks, patterns, and standards while ensuring alignment with business objectives and regulatory requirements in healthcare. This role combines strategic leadership with deep technical expertise in cybersecurity.
Location: 100% Remote
Duration: Direct/Fulltime
Key Accountabilities:
- Develop and maintain the enterprise security architecture framework, ensuring alignment with business strategy and regulatory requirements
- Provide thought leadership in the design and implementation of enterprise-wide security solutions that protect healthcare systems, applications, and data
- Create and evolve security reference architectures, patterns, and standards for cloud, on-premises, and hybrid environments
- Perform security architecture reviews of major initiatives and provide guidance on risk mitigation strategies
- Lead threat modeling exercises and security assessments for critical systems and applications
- Collaborate with the Infrastructure Team, the Cloud Team, End User Services, the Security Team, as well as other members of the enterprise architecture team to ensure security is embedded in all architecture decisions
- Guide development teams in implementing secure-by-design principles
- Evaluate emerging security technologies and recommend adoption strategies
- Develop security architecture roadmaps aligned with business objectives
- Lead incident response planning and security crisis management at the architecture level
- Mentor security architects and provide technical leadership across the organization
- Establish zero-trust architecture (ZTA) principles, strategies, patterns, and roadmaps to move toward a zero-trust enterprise framework
Leadership Responsibilities:
- Drive security architecture vision and strategy
- Lead security architecture governance
- Build and mentor security architecture teams
- Collaborate with C-level executives on security initiatives
- Represent security architecture in enterprise architecture forums
Job Requirements
Required Skills / Qualifications:
- Master's degree in Computer Science, Cybersecurity, or related field
- 12 years of IT experience with at least 8 years focused on security architecture
- Extensive experience in healthcare security architecture and compliance
- Deep understanding of security frameworks (NIST, ISO 27001, SABSA)
- Strong knowledge of healthcare compliance requirements (HIPAA, HITECH)
- Experience with cloud security architecture across major platforms (AWS, Azure, GCP)
- Proven track record of designing and implementing enterprise-wide security solutions
- Experience with zero-trust architecture and implementation
- Strong background in identity and access management architectures
- Understanding of security operations and incident response
- CISM (Certified Information Security Manager)
- CRISC (Certified in Risk and Information Systems Control)
- Advanced expertise in threat modeling methodologies (STRIDE, DREAD, PASTA)
- Experience with threat modeling tools (Microsoft Threat Modeling Tool, OWASP Threat Dragon)
- Experience with blockchain security and distributed systems
- Background in AI/ML security architecture
- Experience with medical device security architecture
- Knowledge of emerging security technologies (quantum cryptography, AI-driven security)
- Publications or speaking engagements in security architecture
- Healthcare industry security architecture experience
Preferred Skills / Qualifications:
- CISSP-ISSAP (Information Systems Security Architecture Professional)
- One or more advanced security certifications:
  - SABSA Chartered Security Architect
  - TOGAF certification with security focus
  - AWS Certified Security - Specialty
  - Azure Security Engineer Associate
  - Certified ArchiMate 3 Practitioner
Aleron companies (Acara Solutions, Aleron Shared Resources, Broadleaf Results, Lume Strategies, TalentRise, Viaduct) are Equal Employment Opportunity and Affirmative Action Employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, genetic information, sex, age, disability, veteran status, or any other legally protected basis. The Aleron companies welcome and encourage applications from diverse candidates, including people with disabilities. Accommodations are available upon request for applicants taking part in all aspects of the selection process.
Applicants for this position must be legally authorized to work in the United States. This position does not meet the employment requirements for individuals with F-1 OPT STEM work authorization status.
Aleron companies (Acara Solutions, Aleron Shared Resources, Broadleaf Results, Lume Strategies, Viaduct) and Aleron's strategic partner, SDI, are Equal Employment Opportunity and Affirmative Action Employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, genetic information, sex, age, disability, veteran status, or any other legally protected basis.