Sr InfoSec Architect

Job Description

Job Summary

The Senior Security Architect will be a key leader in designing, evaluating, and enforcing security controls across our enterprise cloud and network environments. This role will focus on security reviews, network change assessments, cloud security architecture, and policy development, ensuring alignment with industry best practices and regulatory requirements. The ideal candidate will have a passion for technology and security, along with a deep expertise in Azure cloud security, network security technologies, and reviewing cloud-based platforms and integrations.

Key Responsibilities:

Security & Network Change Reviews:

• Perform security assessments for network changes, including:
  • Azure NSG, Firewall, and micro-segmentation technologies
  • Cloud resource firewalls (Azure, OCI, etc.)
  • SD-WAN and network integrations
  • Acquisitions and new site builds
• Review and approve security tool configurations (SIEM, SASE, EDR, CSPM, etc.)
• Assess cloud service onboarding (SaaS, IaaS, PaaS) for security risks
• Evaluate internal application & cloud deployments for security compliance

Security Architecture & Design:

• Define security requirements for cloud (Azure and M365) and hybrid environments
• Design and enforce security controls for applications, data, and infrastructure
• Review third-party integrations for security risks
• Collaborate with Enterprise Architecture, DevOps, and Engineering teams to embed security into design
• Assess security risks in AI/ML models, LLMs, and generative AI deployments.
• Implement security controls for Microsoft 365(M365) environments, including:
  • Microsoft Defender, Purview, DLP, Conditional Access
  • Email security, SharePoint, and Teams security configurations.
• Ensure secure integration between services (e.g., Azure OpenAI) and enterprise data.
• Review third party integrations (API, data pipelines) for exposure points.
• Evaluate container service onboarding for legacy systems migrating to containers, as well as native deployments.
• Design compensating controls for legacy systems with unaddressed gaps.
• Perform security gap analysis & risk mitigation
  • Identity security vulnerabilities in cloud (Azure), network, AI/ML deployments, M365 environments, and new implementations.
  • Develop actionable recommendations to address gaps.

Policy & Standards Development:

• Update and maintain cloud security policies, standards, and baselines
• Ensure compliance with industry frameworks (NIST, CIS, ISO 27001, etc.) standards (PCI DSS) and regulations (HIPAA/HITECH, various state regulations, etc.)
• Advise Legal, Procurement, and Risk teams on security requirements for vendor contracts

Collaboration & Advisory:

• Work with cross-functional teams to align security with business goals
• Provide security guidance for all of Molina's technologies
• Mentor junior security team members

Required Qualifications:

• Bachelor's degree in computer science, Cybersecurity, Information Systems, or equivalent education or work experience
• 6+ years in security architecture, cloud security, or network security
• Deep expertise in Azure cloud security (OCI/GCP is a plus)
• Deep understanding of containerization.
• Experience with:
  • Firewalls, NSGs, SD-WAN, micro-segmentation
  • Cloud security posture management (CSPM)
  • Identity & Access Management (IAM), Zero Trust
  • Microsoft 365 (M365) security expertise (Defender, Purview, DLP, Conditional Access)
  • Container security and migrations (Kubernetes, runtime security, legacy to cloud-native)
• Strong knowledge of security frameworks (NIST, CIS, ISO 27001, etc.), standards (PCI DSS) and regulations (HIPAA/HITECH)
• Experience reviewing security tools (SIEM, EDR, DLP, etc.)
• Proficient in at least one programming or scripting language such as Java, Python, .NET, JavaScript, or C++
• Experience in scripting languages such as PowerShell, Python, or Bash

Preferred Qualifications:

• AI/ML security experience (securing LLMs, generative AI, model governance)
• Databricks security experience (Unity Catalog, access controls, encryption)
• Certifications such as:
  • Azure Security Engineer (AZ-500)
  • CISSP, CCSP, or SABSA
• Experience with DevSecOps & Infrastructure as Code (Terraform, ARM/Bicep)

Soft Skills & Work Style:

• Strong communication & stakeholder collaboration
• Strong documentation skills
• Ability to work independently, fast paced, and adhere to documented process and SLA's. Must be able to properly manage time.
• Stay current with changing security technologies
• Ability to translate technical risks to business leaders
• Collaborative mindset - works well with engineering, legal, and architecture teams

Why Join Us?

• Influence enterprise-wide security strategy
• Work with cutting-edge cloud & data security technologies
• Remote work environment.

To all current Molina employees: If you are interested in applying for this position, please apply through the intranet job listing.

Molina Healthcare offers a competitive benefits and compensation package. Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V.