Cloud Security Architect (Information Security Executive Advisor)

Anticipated End Date:

2026-07-01

Position Title:

Cloud Security Architect (Information Security Executive Advisor)

Job Description:

Cloud Security Architect (Information Security Executive Advisor)

Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace.  Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN, Norfolk, VA, Mason, OH or Tampa, FL. Alternate locations may be considered if candidates reside within a commuting distance from an office.

Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law.

The Cloud Security Architect (Information Security Executive Advisor) will design, implement, and govern secure cloud architectures across AWS and Microsoft Azure environments. This role will serve as a strategic leader in cloud security, partnering with engineering, DevOps, and compliance teams to embed security best practices into all stages of cloud adoption and operations.  The ideal candidate combines deep technical expertise with strong leadership and communication skills, enabling them to influence enterprise-wide security strategy while ensuring practical, scalable implementation.

How you will make an impact:

• Designs and enforces secure cloud architecture patterns for AWS and Azure environments.

• Develops references architectures, guardrails, and best practices aligned with enterprise security policies.

• Evaluates and recommends cloud-native and third-party security solutions.

• Defines and drives cloud security strategy, standards, and frameworks (e.g., Zero Trust, DevSecOps).

• Ensures alignment with regulatory and compliance requirements (e.g., ISO 27001, SOC 2, NIST).

• Establishes security baselines, policies, and architectural reviews.

• Architects secure IAM strategies including least privilege, RBAC, ABAC, and federation.

• Implements identity governance across AWS and Azure (Azure AD/Entra ID, IAM roles, policies).

• Designs solutions for data encryption (at rest/in transit), key management (KMS, Azure Key Vault), and data classification.

• Ensures secure data handling across services, including storage, databases, and analytics platforms.

• Secures compute platforms (VMs, containers, serverless) using best practices and tooling.

• Implements security controls for Kubernetes (EKS/AKS), including runtime protections.

• Architects and integrates logging, monitoring, and SIEM/SOAR solutions (e.g., Sentinel, Security Hub, Defender).

• Supports incident response planning and cloud-specific threat modeling.

• Integrates security into CI/CD pipelines through automated testing, scanning, and policy enforcement.

• Guides teams on secure coding practices and infrastructure-as-code (IaC) security.

• Conducts cloud risk assessments, threat modeling, and security reviews.

• Supports audits and ensures continuous compliance posture.

• Partners with application, infrastructure, and security teams to drive secure adoption.

• Mentors engineers and influences security culture across the organization.

• Establishes architecture oversight and planning for information and network security technologies.

• Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations.

• Establishes strategic vendor relationships for security products and services.

• Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements.

• Provides advanced level engineering design functions.

• Provides trouble resolution and serves as point of technical escalation on complex problems.

• Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the enterprise.

• Provides technical guidance and leadership to the technical engineers within the organization.

• Participates in the design of the enterprise architecture.

• Proposes opportunities to improve results based on targeted or continuous assessment .

• Researches relevant trends and activities in healthcare, business, competition, and regulatory environments.

• Recommends strategy adjustments.

• Participates in enterprise planning activity, including vendor assessment, technology platform selection and retirement, prioritization and integration.

Minimum Requirements:

Requires BS/BA in Information Technology or related field of study and a minimum of 10 years’ experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.

Preferred Skills, Capabilities and Experiences:

• 8+ years of IT/security experience with at least 3–5 years focused on cloud security highly preferred.

• Deep hands-on experience with AWS security services (IAM, KMS, GuardDuty, Security Hub, WAF, Shield) and Azure security services (Microsoft Defender, Sentinel, Key Vault, Entra ID) highly preferred.

• Strong understanding of Cloud networking (VPCs/VNets, private endpoints, segmentation), Identity and access management principles, Encryption, key management, and secrets management highly preferred

• Experience with DevSecOps tools and CI/CD pipelines highly preferred.

• Knowledge of security frameworks (NIST, CIS Benchmarks, OWASP, Zero Trust) highly preferred.

• Relevant certifications AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate (or Architect Expert), CISSP, CCSP, or equivalent highly preferred.

• Experience with Kubernetes security (EKS/AKS), Infrastructure-as-Code (Terraform, ARM, Bicep, CloudFormation) and Cloud Security Posture Management (CSPM) tools highly preferred.

• Experience working in regulated industries (finance, healthcare, etc.) highly preferred.

• Strategic thinking and architectural design experience preferred.

• Strong communication and stakeholder engagement experience preferred.

• Problem-solving and risk management experience preferred.

• Ability to balance security with business agility preferred.

Job Level:

Non-Management Exempt

Workshift:

1st Shift (United States of America)

Job Family:

IFT > IT Security & Compliance

Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.

Who We Are

Elevance Health is a health company dedicated to improving lives and communities – and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve.

How We Work

At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business.

We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.

Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process.

The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws.

Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process should submit the following form: Accessibility Accommodation Request Form and a member of the team will be in contact. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Prospective employees required to be screened under Florida law should review the education and awareness resources at HB531 | Florida Agency for Health Care Administration.

NOTE: Workday keeps job postings active through 11:59:59 PM on the day before the listed end date. Example: If the end date is 3/13, the posting will automatically come down on 3/12 at 11:59:59 PM. In other words — the job is posted until 3/13, not through 3/13.