Principal Security Architect
Quest Diagnostics · Secaucus, NJ · 1 mo ago
Information Technology$160k–$225k/yrFull-time
About the role
The Principal Security Architect provides architectural leadership and vision for security across the enterprise. The successful candidate will be a senior, hands-on expert responsible for infusing security into all aspects of our technology landscape. They will work as a contemporary with other architects to improve new and existing designs, proactively identify and remediate risks in operational systems, and act as a key consultant and mentor.
Responsibilities
- Direct the security architecture and strategy for the Technology Department.
- Set the security vision by developing both high-level security reference architectures and consulting on detailed solution architectures, guiding projects from concept to completion.
- Act as a key security consultant to business and technology partners—including peer architects—ensuring solutions are robust, secure, and strategically aligned, while also providing mentorship to the broader architecture team.
- Apply expert knowledge of security architecture, threat modeling, and secure implementation patterns across on-premises, hybrid, and multi-cloud (Azure, AWS, and GCP) environments.
- Utilize and promote knowledge of DevSecOps, embedding security principles and tooling into CI/CD pipelines and processes.
- Serve as the lead Subject Matter Expert for the Technology Department's security architecture, guiding technology decisions to ensure architectural integrity and consistency across all projects.
- Develop and govern a library of reusable Security Reference Architectures (secure design patterns) to accelerate project delivery, improve solution quality, and reduce risk.
- Collaborate with solution and enterprise architects to integrate security controls into their Solution Architectures, ensuring designs are secure from inception.
- Demonstrate leadership ability to back security decisions with research and the "why," and articulate several options, the pros and cons for each, and a final recommendation.
- Maintain overall industry knowledge on the latest security trends, threats, and relevant technologies.
- Define optimal security patterns and solutions for data protection, identity and access management, and high availability/disaster recovery.
- Partner with business and technology teams to translate functional requirements into secure, scalable, and resilient technology solutions.
- Analyze vendor-provided reference architectures and solutions, suggesting improvements and implementation options that align with company standards, and formally documenting any exceptions or accepted risks.
- Proactively review existing operational systems and services using available tooling to identify and document architectural security gaps and collaborate with system owners to drive security improvements.
- Lead the architectural analysis and resolution of complex security-related technical issues to minimize business impact and prevent future occurrences.
- Provide support and technical governance, offering security expertise related to cloud architectures, deployment, and operations to the same customers that our architects work with.
- Provide thought leadership in the security industry and to fellow team members across business and technical project dimensions, solving complex business requirements with a security-first mindset.
- Establish and maintain the technology vision and strategy for enterprise security, ensuring the architectural roadmap enables long-term business ambitions in a secure manner.
- Advocate and define the security architecture vision from a strategic perspective, promoting a "secure-by-design" culture across the organization.
- Mentor and develop the security capabilities of the entire architecture team, fostering a culture of security excellence, innovation, and continuous improvement.
Qualifications
- Master’s degree in Computer Science, Information Systems, or a related field, or equivalent experience; an advanced degree is preferred.
- 10+ years of experience in technology architecture, with a proven track record of designing and delivering large, complex IT solutions, with at least 7 of those years focused specifically on security architecture.
- Expert knowledge of cloud security architecture across AWS, Azure, and GCP, including application system design, data protection, and systems integration.
- Professional security and cloud certifications are strongly preferred, such as: General Security: CISSP, CISM, CCSP Cloud-Specific: AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Expert, Google Professional Cloud Security Engineer.
- Deep expertise in traditional on-premises infrastructure (e.g., data centers, server virtualization, storage, network security) is essential for leading security assessments and architecting hybrid solutions.
- Proven ability to operate at all levels, comfortable with high-level strategic thinking while also capable of diving deep into technical details to troubleshoot and validate security designs.
- Experience in the healthcare industry is strongly preferred and highly valued.
- Strong executive presence and leadership skills, coupled with a sense of ownership and full accountability for securing solutions from design through to operational success.
- Demonstrated ability to thrive in a dynamic environment, adjusting priorities as circumstances dictate.
- Excellent verbal and written communication skills, with the ability to articulate complex security concepts and risks to diverse audiences, from engineers to executives.