Anticipated End Date:2026-07-01
Position Title:Cloud Security Architect (Information Security Executive Advisor)
Job Description:Cloud Security Architect (Information Security Executive Advisor)Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN, Norfolk, VA, Mason, OH or Tampa, FL. Alternate locations may be considered if candidates reside within a commuting distance from an office.
Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law.
The
Cloud Security Architect (Information Security Executive Advisor) will design, implement, and govern secure cloud architectures across AWS and Microsoft Azure environments. This role will serve as a strategic leader in cloud security, partnering with engineering, DevOps, and compliance teams to embed security best practices into all stages of cloud adoption and operations. The ideal candidate combines deep technical expertise with strong leadership and communication skills, enabling them to influence enterprise-wide security strategy while ensuring practical, scalable implementation.
How you will make an impact:- Designs and enforces secure cloud architecture patterns for AWS and Azure environments.
- Develops references architectures, guardrails, and best practices aligned with enterprise security policies.
- Evaluates and recommends cloud-native and third-party security solutions.
- Defines and drives cloud security strategy, standards, and frameworks (e.g., Zero Trust, DevSecOps).
- Ensures alignment with regulatory and compliance requirements (e.g., ISO 27001, SOC 2, NIST).
- Establishes security baselines, policies, and architectural reviews.
- Architects secure IAM strategies including least privilege, RBAC, ABAC, and federation.
- Implements identity governance across AWS and Azure (Azure AD/Entra ID, IAM roles, policies).
- Designs solutions for data encryption (at rest/in transit), key management (KMS, Azure Key Vault), and data classification.
- Ensures secure data handling across services, including storage, databases, and analytics platforms.
- Secures compute platforms (VMs, containers, serverless) using best practices and tooling.
- Implements security controls for Kubernetes (EKS/AKS), including runtime protections.
- Architects and integrates logging, monitoring, and SIEM/SOAR solutions (e.g., Sentinel, Security Hub, Defender).
- Supports incident response planning and cloud-specific threat modeling.
- Integrates security into CI/CD pipelines through automated testing, scanning, and policy enforcement.
- Guides teams on secure coding practices and infrastructure-as-code (IaC) security.
- Conducts cloud risk assessments, threat modeling, and security reviews.
- Supports audits and ensures continuous compliance posture.
- Partners with application, infrastructure, and security teams to drive secure adoption.
- Mentors engineers and influences security culture across the organization.
- Establishes architecture oversight and planning for information and network security technologies.
- Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations.
- Establishes strategic vendor relationships for security products and services.
- Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements.
- Provides advanced level engineering design functions.
- Provides trouble resolution and serves as point of technical escalation on complex problems.
- Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the enterprise.
- Provides technical guidance and leadership to the technical engineers within the organization.
- Participates in the design of the enterprise architecture.
- Proposes opportunities to improve results based on targeted or continuous assessment .
- Researches relevant trends and activities in healthcare, business, competition, and regulatory environments.
- Recommends strategy adjustments.
- Participates in enterprise planning activity, including vendor assessment, technology platform selection and retirement, prioritization and integration.
Minimum Requirements:Requires BS/BA in Information Technology or related field of study and a minimum of 10 years' experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.
Preferred Skills, Capabilities and Experiences:- 8+ years of IT/security experience with at least 3-5 years focused on cloud security highly preferred.
- Deep hands-on experience with AWS security services (IAM, KMS, GuardDuty, Security Hub, WAF, Shield) and Azure security services (Microsoft Defender, Sentinel, Key Vault, Entra ID) highly preferred.
- Strong understanding of Cloud networking (VPCs/VNets, private endpoints, segmentation), Identity and access management principles, Encryption, key management, and secrets management highly preferred
- Experience with DevSecOps tools and CI/CD pipelines highly preferred.
- Knowledge of security frameworks (NIST, CIS Benchmarks, OWASP, Zero Trust) highly preferred.
- Relevant certifications AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate (or Architect Expert), CISSP, CCSP, or equivalent highly preferred.
- Experience with Kubernetes security (EKS/AKS), Infrastructure-as-Code (Terraform, ARM, Bicep, CloudFormation) and Cloud Security Posture Management (CSPM) tools highly preferred.
- Experience working in regulated industries (finance, healthcare, etc.) highly preferred.
- Strategic thinking and architectural design experience preferred.
- Strong communication and stakeholder engagement experience preferred.
- Problem-solving and risk management experience preferred.
- Ability to balance security with business agility preferred.
Job Level:Non-Management Exempt
Workshift:1st Shift (United States of America)
Job Family:IFT > IT Security & Compliance
Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.
NOTE: Workday keeps job postings active through 11:59:59 PM on the day before the listed end date. Example: If the end date is 3/13, the posting will automatically come down on 3/12 at 11:59:59 PM. In other words - the job is posted until 3/13, not through 3/13.
