HPC Security Architect

Stony Brook Medicine

$120K — $150K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree or 9 years of relevant cybersecurity experience
  • 5 years in cybersecurity and experience with research computing
  • Familiarity with NIST 800-171, HIPAA, and regulated data
  • Proficient in identity and access management
  • Experience in network and system security design
  • Knowledge of Linux systems and high-performance storage architectures
  • Ability to translate regulatory requirements into technical solutions.

Responsibilities

  • Lead security architecture design for advanced research computing environments
  • Define security measures and strategies across multiple research tiers
  • Implement compliance controls for HIPAA and NIST regulations
  • Architect identity and access management systems for research stakeholders
  • Develop secure research environments and data governance frameworks
  • Conduct risk assessments and threat modeling for HPC workloads
  • Provide security engineering guidance for HPC infrastructure.

Benefits

  • Hybrid telecommuting options (up to 5 remote days per pay period)
  • Opportunity to develop security guidance tailored for research environments
  • Collaboration with faculty on securing research proposals
  • Access to cutting-edge research computing resources at Stony Brook University
  • Engagement in impactful projects with a focus on compliance and governance.
Full Job Description
Required Qualification (as evidenced by an attached resume)

Bachelor's degree. In lieu of a degree, a combination of directly related full-time experience in cybersecurity, with experience in research computing or large-scale distributed systems totaling nine [9] years may be considered. Five [5] years of experience in cybersecurity, with experience in research computing or large-scale distributed systems. Experience in NIST 800-171, HIPAA, and regulated data environments. Experience with Identity and access management architectures. Experience with Network and system security design. Experience with Linux systems, high-performance networking, and storage architectures. Experience with translating complex regulatory requirements into technical implementations.

Preferred Qualifications:
Advanced degree (foreign equivalent or higher). Experience supporting HPC environments or research infrastructure. Experience in AI/ML security, model governance, and data provenance. Experience with federated identity (InCommon, SAML, OIDC) and research collaboration frameworks. Certified in CISSP, CISM, CCSP, or similar.

Brief Description of Duties:

The HPC Security Architect leads the design, implementation, and governance of security architecture across Stony Brook University's advanced research computing ecosystem, including AMA27, SeaWulf, NVWulf, and ClinWulf. This role establishes a comprehensive, risk-based security framework ensuring compliance with HIPAA, NIST 800-171, NIH GDS, and emerging AI governance standards. The incumbent operates at the intersection of research enablement and enterprise security, partnering with the Division of Information Technology (DoIT), Stony Brook Medicine IT (SBMIT), Research Security, IRB, and faculty to embed secure-by-design principles across compute, storage, data workflows, and collaborative research environments. The HPC Security Architect must have the ability to communicate with others effectively.

HPC Security Architecture & Strategy
• Design and maintain a multi-tier security architecture for research computing environments spanning SeaWulf, NVWulf, ClinWulf, and AMA27 (NSF Tier-1 HPC).
• Define reference architectures for secure compute, storage (GPFS/Arcastream), and high-speed networking (InfiniBand).
• Establish segmentation strategies (network, identity, workload isolation) across research tiers.
• Lead adoption of zero trust principles in HPC and research environments.
• Align HPC security strategy with institutional and SUNY-wide initiatives (e.g., Empire AI).

Compliance & Regulatory Alignment
• Lead implementation of security controls aligned to HIPAA Security Rule, NIST 800-171/CMMC, NIH Genomic Data Sharing (GDS) Policy, and federal export control requirements.
• Partner with Research Security, Privacy, IRB, and Legal to define compliant research computing patterns and support Data Use Agreements (DUAs).
• Enable secure data acquisition, storage, and sharing workflows.
• Develop and maintain System Security Plans (SSPs) and supporting documentation for regulated environments.

Identity, Access, and Data Security
• Architect and enforce identity and access management (IAM) integration (e.g., SailPoint, federated access, MFA).
• Implement role-based and attribute-based access controls for HPC and research datasets.
• Define secure onboarding workflows for faculty, research staff, external collaborators, and federated/national computing environments (e.g., NSF ACCESS, Empire AI).
• Oversee data protection strategies, including encryption, key management, and secure data lifecycle controls.

Secure Research Environments & Data Governance
• Design and operationalize tiered secure research environments (open, restricted, regulated).
• Collaborate with Data Brokerage and Honest Broker services to ensure privacy-preserving data access.
• Define secure data pipelines for clinical data (EMR integrations, TriNetX, OnCore/Cerner RPE), genomic and imaging data, and large-scale AI/ML datasets.
• Establish controls for secure collaboration and data sharing, including external access frameworks.

Threat Modeling, Risk Management & Incident Response
• Conduct threat modeling for HPC and AI workloads, including supply chain and model security risks.
• Lead risk assessments for new research initiatives and infrastructure deployments.
• Partner with enterprise security teams to integrate HPC into SOC monitoring, vulnerability management, and incident response processes.
• Develop playbooks for research-specific incident scenarios (e.g., data exfiltration, misuse of compute resources).

Infrastructure & Platform Security Engineering
• Provide security guidance for Linux-based HPC environments, container platforms (Singularity/Apptainer, Kubernetes), and scheduler systems (SLURM).
• Define secure configurations for GPU systems, AI pipelines, high-performance storage systems (GPFS), and research cloud integrations (Azure HIPAA environments).
• Support high-speed Networking (InfiniBand & Ultra Ethernet) design, including topology and switch configurations.
• Familiarity with one or more of Cumulus, Mellanox Onyx, or SONiC NOSes.
• Storage design, configuration, and benchmarking experience spanning high-speed flash, spinning disk, and archival solutions.

Training, Outreach & Research Enablement
• Develop and deliver security guidance and training tailored to researchers and technical staff.
• Serve as a trusted advisor to faculty on secure research design and grant proposals.
• Contribute to letters of support and DMSP guidance related to secure computing environments.

Other duties and projects as assigned and appropriate to rank and area mission.

Special Notes:
This is a full-time appointment. FLSA Exempt position, not eligible for the overtime provisions of the FLSA. Minimum salary threshold must be met to maintain FLSA exemption.

For this position, we are unable to sponsor candidates for work visas.

SUNY implemented a hybrid telecommuting pilot program. This position has been approved to participate in the pilot, which allows for up to 5 remote days per pay period.

Resume/CV and cover letter should be included with the online application.

Similar Jobs

More Jobs at Stony Brook Medicine

  • HPC Security Architect
    $120K — $150K *
    Stony Brook, NY 11790 (Suffolk County)
    Information Technology
    In-Person
  • Psychiatrist
    $290K — $315K *
    Greenport, NY 11944 (Suffolk County)
    Healthcare
    In-Person
  • Neurologist
    $350K — $450K *
    Greenport, NY 11944 (Suffolk County)
    Healthcare
    In-Person
  • Ultrasound Technician
    $78K — $110K *
    West Islip, NY 11795 (Suffolk County)
    Healthcare
    In-Person
  • Vascular Technician
    $104K — $114K *
    Southampton, NY 11968 (Suffolk County)
    Healthcare
    In-Person

More Information Technology Jobs

Find similar HPC Security Architect jobs: