SCP Health
Associate Security Architect (Cloud & Enterprise)
SCP Health, Dallas, Texas, United States, 75215
Associate Security Architect (Cloud & Enterprise)
Join to apply for the
Associate Security Architect (Cloud & Enterprise)
role at
SCP Health .
Senior level: Mid‑Senior; Employment type: Full‑time.
Primary locations: Atlanta, GA; Dallas, TX; Lafayette, LA; Traverse City, MI.
Secondary location: US‑based Hybrid.
Responsibilities Architecture & Design
Define security requirements, best practices, and reference architectures for hybrid multi‑cloud (AWS, Azure) and on‑premises environments.
Design and implement security controls for DevSecOps and CI/CD pipelines.
Establish best practices for Cloud Security Posture Management (CSPM) and secure Infrastructure‑as‑Code (IaC).
Apply SaaS Security Posture Management (SSPM) standards for enterprise SaaS applications.
Support architecture and security reviews to identify vulnerabilities and recommend mitigation strategies.
Evaluate and integrate emerging security technologies and practices across cloud and enterprise systems.
Enterprise Security Enablement
Support enterprise IAM and PAM strategies, including MFA, SSO, certificate, and secrets management.
Ensure security for enterprise platforms, including network, endpoint, and data security.
Contribute to compliance, governance, and audit readiness efforts (HIPAA, HITRUST, SOC 2, SOX, ISO 27001, NIST CSF).
Align security initiatives with enterprise IT roadmaps and transformation programs.
Collaboration & Culture
Partner with IT, DevOps, Data, and Application teams to embed security throughout the development, testing, and deployment lifecycle.
Provide security mentorship, training, and guidance across technical teams.
Advocate for a security‑first culture and serve as a bridge between technical staff, business stakeholders, and leadership.
Engage with auditors, regulators, and executives to communicate security posture, risks, and remediation strategies.
Knowledge, Skills, And Abilities
Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, HITRUST, SOX, SOC 2, CIS Controls.
Cloud Security: AWS Security Hub, Azure Security Center, IAM, encryption, monitoring.
Enterprise Security: Network segmentation, endpoint security, DLP, vulnerability management.
Application Security: OWASP Top 10, secure SDLC, CI/CD security, DevSecOps.
Data Security & Privacy: Encryption, DLP, data classification, GDPR, CCPA compliance.
Identity & Access Management: IAM, PAM, MFA, SSO, certificate/secrets management.
Automation & Tooling: Terraform, Python, PowerShell, security orchestration.
Soft Skills: Strategic thinking, strong communication, collaboration, and mentoring abilities.
Education
Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
Master’s degree in Computer Science or related field, preferred.
Work Experience/Qualifications
5+ years in cybersecurity, with at least 2+ years in architecture or engineering roles spanning both cloud and enterprise environments.
Hands‑on experience designing and implementing security controls for AWS and/or Azure.
Familiarity with hybrid infrastructure security, IAM, PAM, and enterprise platforms.
Experience with compliance frameworks (HIPAA, HITRUST, SOC 2, NIST CSF, ISO 27001, CIS).
Proficiency in threat modeling, risk assessment, and security control design.
Experience with CSPM, SSPM, and secure DevOps practices.
Strong Microsoft Excel and Visio/Lucid skills.
Experience in healthcare security and regulatory environments, preferred.
Knowledge of container security (Kubernetes, Docker) and cloud‑native security, preferred.
Experience with security automation, scripting, and orchestration, preferred.
Certificates And Licenses
Certifications such as CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC (GCSA, GSEC, GPEN, etc.) preferred.
#J-18808-Ljbffr
Associate Security Architect (Cloud & Enterprise)
role at
SCP Health .
Senior level: Mid‑Senior; Employment type: Full‑time.
Primary locations: Atlanta, GA; Dallas, TX; Lafayette, LA; Traverse City, MI.
Secondary location: US‑based Hybrid.
Responsibilities Architecture & Design
Define security requirements, best practices, and reference architectures for hybrid multi‑cloud (AWS, Azure) and on‑premises environments.
Design and implement security controls for DevSecOps and CI/CD pipelines.
Establish best practices for Cloud Security Posture Management (CSPM) and secure Infrastructure‑as‑Code (IaC).
Apply SaaS Security Posture Management (SSPM) standards for enterprise SaaS applications.
Support architecture and security reviews to identify vulnerabilities and recommend mitigation strategies.
Evaluate and integrate emerging security technologies and practices across cloud and enterprise systems.
Enterprise Security Enablement
Support enterprise IAM and PAM strategies, including MFA, SSO, certificate, and secrets management.
Ensure security for enterprise platforms, including network, endpoint, and data security.
Contribute to compliance, governance, and audit readiness efforts (HIPAA, HITRUST, SOC 2, SOX, ISO 27001, NIST CSF).
Align security initiatives with enterprise IT roadmaps and transformation programs.
Collaboration & Culture
Partner with IT, DevOps, Data, and Application teams to embed security throughout the development, testing, and deployment lifecycle.
Provide security mentorship, training, and guidance across technical teams.
Advocate for a security‑first culture and serve as a bridge between technical staff, business stakeholders, and leadership.
Engage with auditors, regulators, and executives to communicate security posture, risks, and remediation strategies.
Knowledge, Skills, And Abilities
Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, HITRUST, SOX, SOC 2, CIS Controls.
Cloud Security: AWS Security Hub, Azure Security Center, IAM, encryption, monitoring.
Enterprise Security: Network segmentation, endpoint security, DLP, vulnerability management.
Application Security: OWASP Top 10, secure SDLC, CI/CD security, DevSecOps.
Data Security & Privacy: Encryption, DLP, data classification, GDPR, CCPA compliance.
Identity & Access Management: IAM, PAM, MFA, SSO, certificate/secrets management.
Automation & Tooling: Terraform, Python, PowerShell, security orchestration.
Soft Skills: Strategic thinking, strong communication, collaboration, and mentoring abilities.
Education
Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
Master’s degree in Computer Science or related field, preferred.
Work Experience/Qualifications
5+ years in cybersecurity, with at least 2+ years in architecture or engineering roles spanning both cloud and enterprise environments.
Hands‑on experience designing and implementing security controls for AWS and/or Azure.
Familiarity with hybrid infrastructure security, IAM, PAM, and enterprise platforms.
Experience with compliance frameworks (HIPAA, HITRUST, SOC 2, NIST CSF, ISO 27001, CIS).
Proficiency in threat modeling, risk assessment, and security control design.
Experience with CSPM, SSPM, and secure DevOps practices.
Strong Microsoft Excel and Visio/Lucid skills.
Experience in healthcare security and regulatory environments, preferred.
Knowledge of container security (Kubernetes, Docker) and cloud‑native security, preferred.
Experience with security automation, scripting, and orchestration, preferred.
Certificates And Licenses
Certifications such as CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC (GCSA, GSEC, GPEN, etc.) preferred.
#J-18808-Ljbffr