Staff Security Architect (Cloud Security & Incident Response)

Role Overview

PCCA is seeking a Staff Security Architect to serve as a hands-on security architecture and cloud security engineering leader. This role partners closely with Enterprise Architecture DevOps Engineering and Infrastructure teams to design and implement secure-by-default patternswith a strong emphasis on Azure cloud deployments identity and access management and DevSecOps. The role also leads cybersecurity incident response across Precision Health Holdings operating companies as needed; during active incidents incident leadership becomes the top priority.

Key Responsibilities

Security Architecture & Cloud Security Engineering (Primary)

Design and evolve PHH/PCCA security architecture standards reference architectures and security-by-default guardrails for cloud and hybrid environments.

Partner with DevOps and Engineering teams to secure Azure deployments (networking identity compute data and platform services).

Define secure patterns for CI/CD and Infrastructure-as-Code (IaC) pipelines including policy-as-code and automated security controls.

Architect identity solutions leveraging OAuth2 / OpenID Connect (OIDC) least-privilege access and strong authentication mechanisms.

Drive Zero Trust architecture initiatives across PHH/PCCA and its operating companies including segmentation device/user trust evaluation and conditional access.

Implement and tune cloud security controls (e.g. Azure Policy Defender for Cloud logging/alerting) and integrate telemetry into centralized monitoring/SIEM.

Perform security design reviews and threat modeling for new systems integrations and major changes; document risks and recommended mitigations.

Develop pragmatic security requirements and controls aligned to business risk and regulatory needs; help teams implement them efficiently.

Create implementation-ready artifacts (runbooks diagrams reference configs) and provide hands-on assistance during builds and migrations.

Cybersecurity Incident Leadership (As-Needed; Priority During Incidents)

Lead technical incident response across PHH operating companies coordinating containment eradication and recovery activities.

Triage security events to determine whether incidents can be handled in-house or require escalation/engagement of the virtual CISO (vCISO) and/or external partners.

Serve as a technical incident commander: manage timelines coordinate responders drive decision-making and ensure clear communications to stakeholders.

Conduct root cause analysis and lead post-incident reviews to drive preventive improvements (architecture controls detection and process).

Maintain and improve incident response playbooks tooling and escalation paths across subsidiaries to ensure consistent execution.

Required Experience:

Staff IC