Lead Security Architect

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose:

Advises policy, direction, and vision for critical enterprise IT & Business domains. Drives and designs new and critical security initiatives for emerging technologies. Assesses, envisions, plans, designs, and oversees the implementation of security and compliance capabilities across company platforms, systems, and applications. Defines security requirements, secure architecture blueprints, and conducts reviews of systems, platforms, and applications to identify security risks. Recommends architectural enhancements to minimize security risk to the company.

• Develops, manages, and sets the vision for information security across the organization, coordinates all security architecture activities globally, and develops security architecture plans, roadmaps, etc.
• Subject matter expertise regarding enterprise and cloud security architecture.
• Develops reference architecture and implementation patterns related to security solutions, with an emphasis on AWS security services (e.g., IAM, KMS, CloudTrail, GuardDuty, Config, WAF, Control Tower).
• Architects cross-program and cross-project Security Architecture strategies, opportunities, and problem resolution, including hybrid and multi-cloud environments.
• Collaborates with DevOps, Cloud Engineering, and Application Development teams to embed security into CI/CD pipelines and cloud-native applications.
• Ensures conformance and compliance of projects and programs with architectural security guidelines and regulatory frameworks (e.g., NIST, ISO 27001, HIPAA) as applied to AWS, Azure and other cloud platforms.
• Drives and assists in aligning new security initiatives with senior management, particularly in the context of cloud workload migrations, cloud-native application development, and zero-trust architecture.
• Directs and guides the security staff in identifying, developing, implementing, and maintaining security processes to reduce risks, respond to incidents, and limit attack surface to the company’s cloud environments.
• Supports the mitigation of significant security risks, designs strategies and programs to prevent and minimize loss of organizational assets, all while optimizing costs and leveraging Azure-native automation and monitoring capabilities.
• Advises senior management of changes in the technical, legal, and regulatory areas impacting Information Security, especially those related to Microsoft’s evolving cloud compliance landscape.
• Assists with risk assessments closures and ensures that resulting action items are addressed in a timely manner, including cloud-specific threat modeling and secure design reviews.
• Assists with the development and implementation of security controls for Kubernetes clusters, containers, microservices, API’s and service mesh security patterns.
• Defines Information Security metrics and reports them to the steering committee, including KPIs related to cloud security posture management (CSPM), WIZ CNAPP, workload protection (CWPP), and identity governance (CIEM).
• Stays current with emerging cloud security capabilities, threats, vulnerabilities, and regulatory requirements.
• Performs other duties as assigned.
• Complies with all policies and standards.

Education/Experience:
A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and requires 5 – 7 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

• Expertise in Cloud Security Architecture (AWS & Azure)
• Experience with Technical Security Assessments on infrastructure, applications and platforms
• Experience with Security tools like Vulnerability Scanners
• Experience with Security Information & Event Management (SIEM)
• Experience with IT as it is related to Managed Healthcare

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently
• Intermediate - Demonstrated analytical skills
• Intermediate - Demonstrated project management skills
• Intermediate - Demonstrates a high level of accuracy, even under pressure
• Intermediate - Demonstrates excellent judgment and decision making skills
• Intermediate - Ability to communicate and make recommendations to upper management
• Intermediate - Ability to drive multiple projects to successful completion
• Intermediate - Possesses technical aptitude

License/Certification:

• CISSP or CISM preferred

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law, including full-time or part-time status. Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act