Independence Pet Holdings
Principal Security Architect (Chicago)
Independence Pet Holdings, Chicago, Illinois, United States, 60290
Established in 2021, Independence Pet Holdings is a corporate holding company that manages a diverse and broad portfolio of modern pet health brands and services, including insurance, pet education, lost recovery services, and more throughout North America.
We believe pet insurance is more than a financial product and build solutions to simplify the pet parenting journey and help improve the well-being of pets. As a leading authority in the pet category, we operate with a full stack of resources, capital, and services to support pet parents. Our multi-brand and omni-channel approach includes our own insurance carrier, insurance brands and partner brands.
Role Overview
In close collaboration with the CISO team, this role defines and governs enterprise security architecture for IPH, embedding security into all platforms, applications, and processes. The Security Architect will enable secure adoption of cloud-native services, AI-driven automation, and zero-trust principles across the enterprise, while ensuring compliance with global regulatory frameworks.
Key Focus Areas
- Establishing unified security architecture across multiple zones/domains/lines of business
- Driving Zero Trust adoption and identity-centric security
- Governing AI/ML security and Responsible AI aligned to NIST AI RMF
- Embedding security in DevOps and defining reusable security patterns
- Mapping controls to regulatory frameworks (PCI-DSS, SOC 2, HIPAA, GDPR/CCPA, NAIC, Quebec Law 25)
- Secure and align with IPH Calandra Toolkit and Skylark Security Stack for standards and implementation
Key Responsibilities
Enterprise Security Architecture (30%)
- Define and maintain security architecture standards for the enterprise (we are Microsoft technology, Azure-centric, Insurance-focused)
- Architect and govern Zero Trust across landing zones; implement unified Conditional Access and identity governance for internal and external users
- Publish reusable security patterns for multi-tenant and cross-brand scenarios
- Oversee security for AKS, API management, and cloud-native infrastructure
- Ensure alignment with Calandra Toolkit and Skylark Security Stack for architecture reviews and compliance
Identity & Access Management (20%)
- Drive CIAM strategy (Ping vs Microsoft Entra External ID) and support governance for unified identity across all brands
- Implement MFA with adaptive logic to reduce friction and cost while mitigating VOIP-based fraud
- Integrate IAM for all internal users
Compliance & Risk Management (20%)
- Architect and develop a security controls catalog mapped to PCI-DSS, SOC 2, HIPAA, GDPR/CCPA, NAIC, Quebec Law 25
- Support audits: evidence collection, control mapping, documentation, and posture improvement
- Embed KYC, AML, and ABC checks into Skylark workflows; automate OFAC, UK, and EU watchlist checks
Cloud & Application Security (15%)
- Define secure patterns for APIs, microservices, and integration pipelines
- Implement container security, workload isolation, and encryption standards
- Drive DevSecOps adoption (SAST/DAST/Secrets/IaC) and govern GitHub Advanced Security and Azure DevOps integrations
AI/ML & Responsible AI Governance (10%)
- Architect security for Azure AI/ML platforms (Azure OpenAI, Copilot Studio, Databricks)
- Lead Responsible AI security governance aligned to NIST AI RMF
- Secure agentic workflows and Gen-AI integrations
Strategic Leadership & Incident Response (5%) - Support the CISO with:
- Develop future-state security architecture roadmap aligned with IPH's digital transformation goals
- Retain Tier-2 SOC capabilities in-house for compliance with NYDFS, PCI DSS, and ISO 27001
- Champion security automation and AI-driven threat detection
- Architecture for: IAM; Endpoint Protection / EDR / XDR; Endpoint Management; SIEM & MDR; DLP & Data Governance; Email Archiving; Email Security; Patch Management; ITSM / Asset Management; Security Awareness; Web & Network Security; Cloud Security; AppSec / DevSecOps; Incident Response; Backup / DR; Password Management; Governance / GRC; SAST / DAST; Third-Party Risk Management; OFAC Screening
Required Platforms & Tools
- Cloud Security: Azure Security Center, Sentinel
- IAM/CIAM: Azure AD, Ping Identity
- Compliance: SOC 2, PCI DSS, HIPAA, GDPR/CCPA, NAIC, Quebec Law 25
- DevSecOps: GitHub Advanced Security, Azure DevOps
- Threat Protection: SIEM (Sentinel), EDR, DLP solutions
- AI Security: Azure OpenAI, Databricks, Responsible AI frameworks
- Enterprise Standards: Calandra Toolkit (Azure), Skylark Security Stack (Microsoft)
Qualifications
- 10+ years of experience as a Security Architect
- Strong knowledge of cloud-native security patterns and compliance frameworks
- Familiarity with securing AI/ML and agentic workflows
- Insurance industry experience is a plus
Key Success Metrics
- Zero-Trust Adoption: Full implementation across the enterprise
- Compliance: SOC 2, PCI DSS, HIPAA maintained
- Identity Security: Unified identity across all brands
- Threat Detection: AI-driven automation for 90% of alerts
- Security Maturity: Continuous improvement toward top tier
- CIAM: Strategy and full rollout across the enterprise
All of our jobs come with great benefits, including healthcare, parental leave and opportunities for career advancement. Some offerings depend on where you work and can include the following:
- Comprehensive full medical, dental and vision insurance
- Basic Life Insurance at no cost to the employee
- Company paid short-term and long-term disability
- 12 weeks of 100% paid Parental Leave
- Health Savings Account (HSA)
- Flexible Spending Accounts (FSA)
- Retirement savings plan
- Personal Paid Time Off
- Paid holidays and company-wide Wellness Day off
- Paid time off to volunteer at nonprofit organizations
- Pet friendly office environment
- Commuter Benefits
- Group Pet Insurance
- On the job training and skills development
- Employee Assistance Program (EAP)