Principal Security Architect

The Principal Security Architect provides architectural leadership and vision for security across the enterprise. The successful candidate will be a senior hands-on expert responsible for infusing security into all aspects of our technology landscape. They will work as a contemporary with other architects to improve new and existing designsproactively identify and remediate risks in operational systemsand act as a key consultant and mentor.

This is a hybrid role and the selected candidate must be near-site to one of Quest Diagnostics hub locations. Preferred locations are Secaucus NJ East Norriton PA or Schaumburg IL. Pay Range: $160000-$225000/year 20% Annual Incentive Plan.

Salary offers are based on a wide range of factors including relevant skills training experience education and where applicable certifications obtained. Market and organizational factors are also considered. Successful candidates may be eligible to receive annual performance bonus compensation.

This role is adept in two distinct domains:

• Security Reference Architecture:Creating and maintaining a library of reusable high-level templatized security architectures and patterns that serve as a secure baseline for all technology solutions.
• Security Consulting & Solution Architecture:Collaborating with solution and enterprise architects to integrate robust security principles and controls into their designs. This involves reviewing co-designing and improving detailed solution architectures to ensure they are secure-by-design across on-premises hybrid and multi-cloud (AWS Azure and GCP) environments.

This role requires the creation and ownership of theEnterprise Security Strategy and Roadmapfor these architectural areas. The architect will also support the M&A Architecture team by providing critical security-focused input on transition architectures for acquired companies. This position reports to the Sr. Director of Infrastructure & Cloud Architecture and works closely with Solution Architects CloudOps DevSecOps the Enterprise Security team business customers and vendors.

The architect will work with a team of US-based remote architects and a growing team in our India office creating architecture with a geographic scope covering the US Canada Finland and Mexico. This position reports to the Sr. Director of Infrastructure & Cloud Architecture and works closely with CloudOps DevSecOps Security teams business customers and vendors.

The Principal Security Architect is responsible for directing the security architecture and strategy for the Technology Department. This is a senior hands-on technical role not a direct people management position. The architect will set the security vision by developing both high-level security reference architectures and consulting on detailed solution architectures guiding projects from concept to completion. The successful candidate will act as a key security consultant to business and technology partnersincluding peer architectsensuring solutions are robust secure and strategically aligned while also providing mentorship to the broader architecture team.

Security Architecture Design and Collaboration

• Apply expert knowledge of security architecture threat modeling and secure implementation patterns across on-premises hybrid and multi-cloud (Azure AWS and GCP) environments.

• Utilize and promote knowledge of DevSecOps embedding security principles and tooling into CI/CD pipelines and processes.

• Serve as the lead Subject Matter Expert for the Technology Departments security architecture guiding technology decisions to ensure architectural integrity and consistency across all projects.

• Develop and govern a library of reusableSecurity Reference Architectures(secure design patterns) to accelerate project delivery improve solution quality and reduce risk.

• Collaborate with solution and enterprise architects to integrate security controls into theirSolution Architectures ensuring designs are secure from inception.

• Demonstrate leadership ability to back security decisions with research and the why and articulate several options the pros and cons for each and a final recommendation.

• Maintain overall industry knowledge on the latest security trends threats and relevant technologies.

• Define optimal security patterns and solutions for data protection identity and access management and high availability/disaster recovery.

Consultation & Partnership

• Partner with business and technology teams to translate functional requirements into secure scalable and resilient technology solutions.

• Act as a key architectural liaison between project teams and the Enterprise Security Team streamlining communication and ensuring security requirements are met efficiently to accelerate project delivery.

• Analyze vendor-provided reference architectures and solutions suggesting improvements and implementation options that align with company standards and formally documenting any exceptions or accepted risks.

• Proactively review existing operational systems and services using available tooling to identifyand document architectural security gaps and collaborate with system owners to drive security improvements.

• Lead the architectural analysis and resolution of complex security-related technical issues to minimize business impact and prevent future occurrences.

• Provide support and technical governance offering security expertise related to cloud architectures deployment and operations to the same customers that our architects work with.

Thought Leadership

• Provide thought leadership in the security industry and to fellow team members across business and technical project dimensions solving complex business requirements with a security-first mindset.

• Establish and maintain the technology vision and strategy for enterprise security ensuring the architectural roadmap enables long-term business ambitions in a secure manner.

• Advocate and define the security architecture vision from a strategic perspective promoting a secure-by-design culture across the organization.

Mentoring

• Mentor and develop the security capabilities of the entire architecture team fostering a culture of security excellence innovation and continuous improvement.

• Masters degree in Computer Science Information Systems or a related field or equivalent experience; an advanced degree is preferred.

• 10 years of experience in technology architecture with a proven track record of designing and delivering large complex IT solutionswith at least 7 of those years focused specifically on security architecture.

• Expert knowledge of cloud security architecture acrossAWS Azure and GCP including application system design data protection and systems integration.

• Professional security and cloud certifications are strongly preferred such as:

• General Security:CISSP CISM CCSP

• Cloud-Specific:AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Expert Google Professional Cloud Security Engineer

• Deep expertise in traditional on-premises infrastructure (e.g. data centers server virtualization storage network security) is essential for leading security assessments and architecting hybrid solutions.

• Proven ability to operate at all levels comfortable with high-level strategic thinking while also capable of diving deep into technical details to troubleshoot and validate security designs.

• Experience in the healthcare industry is strongly preferred and highly valued.

• Strong executive presence and leadership skills coupled with a sense ofownershipand full accountability for securing solutions from design through to operational success.

• Demonstrated ability to thrive in a dynamic environment adjusting priorities as circumstances dictate.

• Excellent verbal and written communication skills with the ability to articulate complex security concepts and risks to diverse audiences from engineers to executives.