MaineHealth
Overview
Description Location:
MaineHealth Department:
IT Division - Innovation Initiatives Enterprise Security Architect - IT Innovation MaineHealth is hiring for an Enterprise Security Architect. If you are a
strategic thinker and a hands-on problem solver , comfortable navigating the complexity of a
multi-hospital healthcare system . You thrive at the intersection of
innovation, security, and patient care , while bringing positivity, collaboration, and even humor into high-stakes projects. This role sits within the
Innovation Initiatives Team
of the IT Division, tasked with delivering strategic, high-impact projects that advance patient care, research, finance, and administrative functions across the health system. These initiatives often involve deploying new software platforms and supporting new clinical and administrative locations. Projects will be
high-visibility, high-value, and time-sensitive , requiring precision, strong leadership, and proactive collaboration to meet deadlines. Key Responsibilities
Security Architecture & Design
Define, implement, and maintain secure architecture frameworks for strategic IT initiatives across clinical, research, financial, and administrative domains. Conduct security reviews, technical assessments, and threat modeling for new and emerging solutions, ensuring alignment with MaineHealth's enterprise security strategy. Establish and enforce security-by-design principles across innovation projects, reducing risk while enabling agility. Collaborate closely with
enterprise, cloud, infrastructure, other architects
to align security requirements with overall IT and business strategies.
Strategic & Innovation Support
Partner with clinical, research, and administrative leaders to ensure new initiatives meet both
patient care needs
and
regulatory compliance requirements
(HIPAA, HITRUST, NIST). Integrate cybersecurity requirements into
EHR systems, medical device integrations, telehealth platforms, cloud applications, and physical site build-outs . Serve as a trusted advisor to executive leadership and project sponsors on cybersecurity risks and mitigations.
Engineering & Operations
Lead technical implementation of secure infrastructures, including networking, endpoint, application, and cloud security controls. Ensure effective security controls for multi-hospital environments, hybrid data centers, and cloud-based platforms.
Governance & Risk Management
Align with security frameworks and compliance mandates:
HIPAA, HITRUST, NIST, ISO, PCI . Provide documentation, security standards, and reusable architecture patterns.
Collaboration & Enablement
Engage across IT, clinical operations, research teams, and executive leadership to embed security practices. Provide mentoring and training to team members and stakeholders to raise security awareness.
We're looking for a seasoned Enterprise Security Architect with at least five years of experience, ideally in a healthcare setting and within a complex, multi-hospital health system. A bachelor's degree in Computer Science, Information Security, or a related field is required, though equivalent work experience is also acceptable. Certifications such as Microsoft Security, AWS Security, or similar are a plus. The ideal candidate will bring strong technical expertise across network and security infrastructure, data centers, storage systems, healthcare applications, and system interfaces. Familiarity with end-user devices and Microsoft technologies-including Windows Server, Active Directory, Azure AD, and Microsoft 365-is important. We value expert-level skills in cyber threat hunting and risk discovery, and experience with EHR platforms, clinical application security, and medical device security is highly desirable. Beyond technical skills, we're looking for someone who communicates clearly with non-technical stakeholders, thrives in a fast-paced, collaborative environment, and brings a sense of humor and team spirit to cross-functional work. Required Minimum Knowledge, Skills, and Abilities (KSAs)
Education: Bachelor's Degree or equivalent work experience required. License/Certifications: CISM, CISSP, or equivalent GIAC Certification preferred. Experience: Five years of experience as a Security Architect or Senior Security Engineer required. Project management experience preferred. Cybersecurity experience in a healthcare setting preferred. Experience operating in a complex multi-hospital health system preferred. Additional Skills/Requirements Required: N/A Additional Skills/Requirements Preferred: Expert cyber threat hunting, cyber risk discovery. Expert operational and security knowledge of network/security infrastructure, data center(s) and storage, applications and interfaces, and end user computing devices and connectivity. Expert operational and security knowledge of Windows Server, Active Directory, Azure AD along with supporting Microsoft Productivity tools such as MS Office. Additional Information
With a career at any of the MaineHealth locations across Maine and New Hampshire, you\'ll be working with health care professionals that truly value the people around them - both within the walls of the organization and the communities that surround it. We offer benefits that support an individual\'s needs for today and flexibility to plan for tomorrow - programs such as paid parental leave, a flexible work policy, student loan assistance, training and education, along with well-being resources for you and your family. MaineHealth remains focused on investing in our care team and developing an inclusive environment where you can thrive and feel supported to realize your full potential. If you\'re looking to build a career in a place where people help one another deliver best-in-class care, apply today. If you have questions about this role, please contact alyssa.lewis@mainehealth.org
#J-18808-Ljbffr
Description Location:
MaineHealth Department:
IT Division - Innovation Initiatives Enterprise Security Architect - IT Innovation MaineHealth is hiring for an Enterprise Security Architect. If you are a
strategic thinker and a hands-on problem solver , comfortable navigating the complexity of a
multi-hospital healthcare system . You thrive at the intersection of
innovation, security, and patient care , while bringing positivity, collaboration, and even humor into high-stakes projects. This role sits within the
Innovation Initiatives Team
of the IT Division, tasked with delivering strategic, high-impact projects that advance patient care, research, finance, and administrative functions across the health system. These initiatives often involve deploying new software platforms and supporting new clinical and administrative locations. Projects will be
high-visibility, high-value, and time-sensitive , requiring precision, strong leadership, and proactive collaboration to meet deadlines. Key Responsibilities
Security Architecture & Design
Define, implement, and maintain secure architecture frameworks for strategic IT initiatives across clinical, research, financial, and administrative domains. Conduct security reviews, technical assessments, and threat modeling for new and emerging solutions, ensuring alignment with MaineHealth's enterprise security strategy. Establish and enforce security-by-design principles across innovation projects, reducing risk while enabling agility. Collaborate closely with
enterprise, cloud, infrastructure, other architects
to align security requirements with overall IT and business strategies.
Strategic & Innovation Support
Partner with clinical, research, and administrative leaders to ensure new initiatives meet both
patient care needs
and
regulatory compliance requirements
(HIPAA, HITRUST, NIST). Integrate cybersecurity requirements into
EHR systems, medical device integrations, telehealth platforms, cloud applications, and physical site build-outs . Serve as a trusted advisor to executive leadership and project sponsors on cybersecurity risks and mitigations.
Engineering & Operations
Lead technical implementation of secure infrastructures, including networking, endpoint, application, and cloud security controls. Ensure effective security controls for multi-hospital environments, hybrid data centers, and cloud-based platforms.
Governance & Risk Management
Align with security frameworks and compliance mandates:
HIPAA, HITRUST, NIST, ISO, PCI . Provide documentation, security standards, and reusable architecture patterns.
Collaboration & Enablement
Engage across IT, clinical operations, research teams, and executive leadership to embed security practices. Provide mentoring and training to team members and stakeholders to raise security awareness.
We're looking for a seasoned Enterprise Security Architect with at least five years of experience, ideally in a healthcare setting and within a complex, multi-hospital health system. A bachelor's degree in Computer Science, Information Security, or a related field is required, though equivalent work experience is also acceptable. Certifications such as Microsoft Security, AWS Security, or similar are a plus. The ideal candidate will bring strong technical expertise across network and security infrastructure, data centers, storage systems, healthcare applications, and system interfaces. Familiarity with end-user devices and Microsoft technologies-including Windows Server, Active Directory, Azure AD, and Microsoft 365-is important. We value expert-level skills in cyber threat hunting and risk discovery, and experience with EHR platforms, clinical application security, and medical device security is highly desirable. Beyond technical skills, we're looking for someone who communicates clearly with non-technical stakeholders, thrives in a fast-paced, collaborative environment, and brings a sense of humor and team spirit to cross-functional work. Required Minimum Knowledge, Skills, and Abilities (KSAs)
Education: Bachelor's Degree or equivalent work experience required. License/Certifications: CISM, CISSP, or equivalent GIAC Certification preferred. Experience: Five years of experience as a Security Architect or Senior Security Engineer required. Project management experience preferred. Cybersecurity experience in a healthcare setting preferred. Experience operating in a complex multi-hospital health system preferred. Additional Skills/Requirements Required: N/A Additional Skills/Requirements Preferred: Expert cyber threat hunting, cyber risk discovery. Expert operational and security knowledge of network/security infrastructure, data center(s) and storage, applications and interfaces, and end user computing devices and connectivity. Expert operational and security knowledge of Windows Server, Active Directory, Azure AD along with supporting Microsoft Productivity tools such as MS Office. Additional Information
With a career at any of the MaineHealth locations across Maine and New Hampshire, you\'ll be working with health care professionals that truly value the people around them - both within the walls of the organization and the communities that surround it. We offer benefits that support an individual\'s needs for today and flexibility to plan for tomorrow - programs such as paid parental leave, a flexible work policy, student loan assistance, training and education, along with well-being resources for you and your family. MaineHealth remains focused on investing in our care team and developing an inclusive environment where you can thrive and feel supported to realize your full potential. If you\'re looking to build a career in a place where people help one another deliver best-in-class care, apply today. If you have questions about this role, please contact alyssa.lewis@mainehealth.org
#J-18808-Ljbffr