Job Description

Job Description

Job Description

Senior Cyber Security Architect

The Senior Security Architect designs and drives the secure architecture of DataHouse platforms and client solutions across cloud and hybrid environments. This role leads threat modeling, control selection, and reference architectures aligned to ISO/IEC 27001, NIST, and HIPAA, partners with engineering to embed security in delivery pipelines, and advises public-sector and healthcare clients on compliance-aligned architectures. You’ll be a senior individual contributor with broad influence—mentoring engineers, shaping standards, and participating in architecture reviews and program governance.

*This position requires the candidate to be based in Hawaii and able to work on-site in Honolulu as needed.

Primary Responsibilities and Duties

• Architecture & Design: Define secure reference architectures (network, identity, data, application, and cloud) for AWS/Azure; champion zero-trust and least-privilege patterns.
• Risk Management: Identify, assess, and mitigate security risks to protect company assets, data, and systems from external and internal threats.
• Security Strategy Development: Develop and implement comprehensive security strategies and roadmaps that include key policies, procedures, and practices to safeguard the company’s information technology infrastructure.
• Security Compliance: Ensure that security architecture meets regulatory requirements and compliance standards, such as GDPR, HIPAA, or industry-specific regulations.
• Governance & Compliance: Translate ISO/IEC 27001, NIST (CSF/800-53/171), and HIPAA into practical architectures, patterns, and evidence requirements; support internal audits and renewals.
• Advisory & Reviews: Sit on internal and client architecture review boards; support executive-level guidance to SLED and healthcare clients.
• Collaborate with Leadership: Work closely with senior leadership, including the CTO, and other department heads, to ensure security strategies align with business priorities and technology initiatives.
• Incident Readiness: Partner with SecOps to refine detection logic, playbooks, and tabletop exercises; ensure architectures support rapid containment and recovery.
• Mentorship & Standards: Coach engineers; author standards, patterns, and runbooks; lead brown-bags and security awareness sessions for delivery teams.
• Vendor Management: Work with external vendors to evaluate and select security tools, technologies, and services to enhance the company’s security posture.

Specific Responsibilities and Duties

• Develop and implement frameworks for the secure design and deployment of cloud services, network infrastructure, and enterprise applications.
• Lead the evaluation and integration of new security technologies and methodologies to enhance the company’s security infrastructure.
• Collaborate with the IT department to ensure security controls are integrated into all software development and systems engineering processes.
• Define and enforce standards and best practices for secure software development, network security, data protection, and vulnerability management.
• Implement and continually improve the organization’s Information Security Management System (ISMS) to maintain ongoing ISO 27001 certification.
• Advise client leadership teams on IT governance, budget planning, security roadmaps, and risk management programs.
• Ensure security practices address requirements specific to healthcare, government, and other regulated industries.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 6+ years of experience in information security, with at least 2 years in a senior security architecture role or similar management position.
• Proven experience in designing and implementing security architectures for large, complex systems across multiple platforms (cloud, on-premise, hybrid).
• Expert knowledge of security frameworks, such as NIST, CIS, ISO 27001, comparable ISMS frameworks, and experience with industry compliance standards.
• Strong understanding of network security, encryption technologies, access controls, threat modeling, and risk management.
• Experience with public sector and healthcare IT security requirements preferred.
• Experience with cloud security, including public cloud platforms such as AWS, Azure, or Google Cloud.
• Leadership and team management experience, with the ability to mentor and inspire a security team.
• Excellent problem-solving and analytical skills, with the ability to design secure systems and mitigate risks proactively.
• Proven track record delivering security services to external clients, including executive advisory and program governance.
• Strong ability to communicate risk and security strategy to executives, boards, and non-technical stakeholders.
• Certified Information Systems Security Professional (CISSP) or other relevant certifications (e.g., Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM)) is preferred.
• AWS/Azure security certifications preferred.

Job Tags

Similar Jobs