Security Architect

Location: Remote (New York)
Duration: 6 Months

Position Overview

We are seeking an experienced Security Architect to support enterprise-level information security and risk management initiatives. The ideal candidate will have a strong background in security architecture reviews, risk assessments, compliance frameworks, and emerging AI security risk evaluation.

This role will work closely with leadership, infrastructure teams, engineering teams, and business stakeholders to design, implement, and maintain enterprise security architecture and governance standards across complex environments.

Key Responsibilities

• Lead and guide the definition and implementation of enterprise security architecture
• Develop and implement effective security administration processes across multiple platforms
• Participate in pre-implementation security architecture solutioning and risk assessments
• Conduct security reviews to identify vulnerabilities, gaps, and risk mitigation strategies
• Design and recommend security controls aligned with information assurance principles
• Perform application vulnerability scans and recommend remediation strategies
• Provide security architecture guidance to senior IT leadership and cross-functional teams
• Collaborate with enterprise architecture and engineering teams to align technical and security requirements
• Support compliance initiatives related to HIPAA, Joint Commission, DSRIP, COBIT, and state privacy regulations
• Monitor current cybersecurity threats, vulnerabilities, and industry regulations
• Assist with special projects and additional security initiatives as required

Required Qualifications

• Minimum 10 years of IT experience
• At least 7 years of dedicated IT/Cyber Security experience including solution design
• Strong background in security reviews and enterprise security architecture
• Experience evaluating AI adoption and associated security risks
• Bachelor’s degree in Information Systems or related field

Technical Skills & Knowledge

Security & Compliance Frameworks

• HIPAA / HITECH
• NIST Cybersecurity Framework (NIST CSF)
• ISO 27001 / ISO 27002
• PCI-DSS
• COBIT

Infrastructure & Security

• Infrastructure, application, and security protocols
• Configuration management and secure configuration techniques
• Risk management, compliance, and audit standards
• Encryption algorithms and security best practices
• Vulnerability management and threat analysis
• Network security architecture and defense-in-depth concepts
• TCP/IP, OSI model, and network traffic flow analysis

Identity & Access Management

• Active Directory
• Access Federation
• Multi-Factor Authentication (MFA)
• Public Key Infrastructure (PKI)

Operating Systems

• Microsoft Windows
• Linux
• UNIX
• macOS

Additional Technical Experience

• Security systems resilience and dependability analysis
• Software engineering concepts
• IT supply chain security and risk management

Preferred Certifications

One or more of the following certifications preferred:

• CISSP
• CISM
• GSEC
• CEH
• Other relevant cybersecurity certifications