← Back to all jobs
name

Director, Security Architecture

name

4h ago

0$135k - $208kDevUnited Stateshimalayas
Security-ArchitectureInformation-SecurityCybersecurity-LeadershipIT-DirectorEnterprise-ArchitectureDirector-Of-Security-EngineeringSecurity-Engineering-DirectorSenior-Director-Of-SecurityDirector-Of-Security-Program-ManagementDirector

Job Description

What Information Security and Risk contributes to Cardinal HealthInformation Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.Job SummaryThe Director, Security Architecture is responsible for establishing, leading, and developing the security architecture strategy, standards, and design practices to enable secure, scalable, and resilient technology solutions across the organization. Reporting to the Vice President, Information Security & Risk, this role serves as a technical leader responsible for aligning security architecture with business priorities, risk management objectives, and enterprise GTBS strategies.This role leads all aspects of security architecture, including architecture strategy and governance, technical security standards, solution design and advisory, architecture reviews, and tooling optimization. It plays a critical role in embedding security into the development lifecycle, guiding technology investments, and ensuring that security requirements are integrated into enterprise architectures and solutions from inception through deployment.ResponsibilitiesOrganizational Leadership & Architecture StrategyDevelop and lead the enterprise security architecture strategy aligned with cybersecurity, risk management, and business objectivesEstablish governance frameworks and processes to guide secure design, technology selection, and solution deployment across the organizationCollaborate with cybersecurity leadership, enterprise architecture, and technology teams to define target-state architecture and long-term roadmapServe as an advisor to leadership on security architecture priorities, risks, and investment decisionsSecurity Architecture Standards & GovernanceDevelop, maintain, and enforce enterprise security architecture standards, including design principles, control requirements, and implementation guidelinesEnsure standards are aligned with regulatory requirements, industry frameworks, and organizational risk toleranceEstablish governance processes for adoption and enforcement of architecture standards across global cybersecurity and technology teamsContinuously update and refine standards to address emerging threats, technologies, and business needsSecurity Architecture Review & ValidationOversee architecture review processes to evaluate solutions and system designs against security standards, risk requirements, and enterprise architectureEnsure security risks are identified, documented, and addressed prior to implementationProvide approval and validation of security architecture decisions, including exception handling and risk acceptance processesDrive consistency and quality in architecture review practices across teamsCybersecurity Advisory for Development & DesignProvide proactive security guidance and risk-informed recommendations during solution design and developmentPartner with application, engineering, and commercial technology teams to embed security requirements early in the development lifecycleSupport security-by-design reviews, pre-implementation assessments, and architecture decision-making for new initiatives and technologiesAct as a technical liaison to translate security requirements and risks for both technical and non-technical stakeholdersSecurity Tooling & Architecture OptimizationAssess, rationalize, and optimize the cybersecurity tooling landscape to reduce complexity, eliminate redundancies, and improve capability coverageEnsure tooling aligns with enterprise security architecture and supports effective risk management and operational capabilitiesPartner with engineering and infrastructure teams to integrate tools into the broader cybersecurity ecosystemDrive continuous improvement of tooling strategy to support scalability, efficiency, and innovationSecurity Architecture Design & Engineering EnablementDefine and support reference architectures, design patterns, and reusable security solutions to enable secure system developmentOversee and guide the implementation of security controls within applications, infrastructure, and platformsSupport teams in designing secure solutions that balance security, performance, scalability, and usabilityPromote adoption of secure-by-design principles across development and engineering teamsCapability Mapping & Roadmap DevelopmentAssess current and target security capabilities, mapping them to bus