Enterprise Security Architecture

BravoTECH
Newark, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Newark, United States of America

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Architectural Patterns
Azure
Cloud Computing Security
Computer Security
Identity and Access Management
Information Systems Security Architecture Professional
Key Management
Zero Trust Network Access
Sherwood Applied Business Security Architecture
Google Cloud Platform
TOGAF
Templating
Information Technology
DevSecOps
Static Application Security Testing
Dynamic Application Security Testing

Job description

We are seeking an experienced Enterprise Security Architecture Lead to define and evolve enterprise security standards, reference architectures, and security design patterns that enable secure-by-design solutions across the organization. This strategic role focuses on creating security frameworks, architecture standards, and governance practices—not operational security implementation.

You will serve as a key bridge between enterprise architecture and information security teams, translating security policies into practical patterns and templates that architects and engineering teams can apply consistently.

What You'll Do

Security Architecture Standards & Patterns

  • Define enterprise security reference architectures, including zero-trust and defense-in-depth models.
  • Develop reusable security patterns for authentication, authorization, APIs, applications, networks, and data protection.
  • Establish security controls and requirements by application tier.
  • Define identity and access management (IAM), encryption, key management, and secrets management standards.

Security Framework Development

  • Create secure design templates for web applications, APIs, and microservices.
  • Develop threat modeling frameworks and methodologies.
  • Establish security testing standards, including SAST, DAST, and penetration testing guidance.
  • Define DevSecOps and shift-left security practices.
  • Create security compliance patterns supporting regulatory and industry standards.

Governance & Enablement

  • Review solution architectures for alignment with security standards.
  • Lead security architecture reviews and threat modeling activities.
  • Define security review criteria and exception processes.
  • Train architects and stakeholders on security patterns and secure design principles.
  • Maintain and evolve the enterprise security pattern catalog.

  • Enterprise security reference architectures.
  • Security pattern library and design templates.
  • Security controls framework by application tier.
  • Zero-trust implementation standards.
  • IAM, encryption, and secrets management patterns.
  • Threat modeling framework and review processes.
  • DevSecOps standards and security governance criteria.

Why Join Us?

This is an opportunity to shape the security architecture strategy of a complex enterprise environment, influence technology decisions at scale, and drive secure-by-design practices across the organization.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 7+ years of experience in security architecture, enterprise architecture, or cybersecurity.
  • 5+ years of experience developing enterprise security standards, frameworks, and architectural patterns.
  • Demonstrated expertise in zero-trust architecture and secure design principles.
  • Experience establishing security control frameworks and security governance practices.
  • Proven success conducting threat modeling and security architecture reviews.
  • CISSP (Certified Information Systems Security Professional) certification.
  • Healthcare industry experience.

Preferred Qualifications

  • TOGAF certification.
  • SABSA certification.
  • Cloud security certifications such as AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Engineer.
  • CISM or CISA certification.
  • Experience in highly regulated environments.
  • Background in penetration testing or offensive security.
  • Experience implementing zero-trust architecture at enterprise scale.
  • Deep knowledge of compliance frameworks and audit requirements.
