Job Specifications
Enterprise Security Architect
Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office.
Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law.
The Enterprise Security Architect is the enterprise's senior-most technical security architecture leader for modern platforms and emerging technology adoption. This role serves as a hands-on design authority and technical executive advisor - driving enterprise security architecture strategy, defining enforceable reference architectures and patterns, and governing secure implementation across Elevance Health's large-scale hybrid environments. The role leads the Enterprise Security Architecture (ESA) function and chairs the Security Architecture Review Board (SARB), partnering in lockstep with Enterprise Architecture to drive consistent, enforceable security-by-design decisions across the enterprise.
This role operates at the intersection of enterprise strategy and deep engineering execution, providing decisive architectural direction for complex initiatives involving AI/ML (including GenAI/LLMs), Zero Trust, cloud platforms, cloud-native engineering (Kubernetes, containers, service mesh), identity, data protection, and secure SDLC/MDLC. The role is accountable for measurable outcomes: risk reduction, consistency of security-by-design, faster delivery through reusable patterns, and demonstrable compliance alignment.
How You Will Make An Impact
Produce executive-ready, audit-defensible architecture documentation (standards, reference architectures, patterns, roadmaps, and decision records) that aligns with regulatory, audit, and enterprise architecture governance requirements.
Own and evolve the enterprise security architecture vision for AI-enabled, cloud-first, Zero Trust-aligned platforms, including principles, standards, reference architectures, and reusable patterns.
Define and drive Zero Trust architecture patterns aligned to NIST Zero Trust Architecture (SP 800-207) and CISA Zero Trust Maturity Model (identity, device, network/environment, application/workload, data, and visibility/analytics).
Maintain, evolve, and expand enterprise AI security architecture and guardrails aligned to NIST AI RMF 1.0 and associated guidance for GenAI risk management profiles.
Define and maintain secure-by-default cloud reference architectures across AWS/Azure and GCP.
Partner in lockstep with Enterprise Architecture and OCISO stakeholders to operationalize governance through repeatable assessment methods, architecture reviews, and enforcement mechanisms, producing durable artifacts (reference architectures, patterns, standards, roadmaps, and decision records).
Chair and operate the Security Architecture Review Board (SARB), defining intake, review criteria, decision records, and exception processes; ensure timely decisions and appropriate executive escalation.
Develop and deliver concise, executive-ready briefings that translate security architecture tradeoffs into business impact, options, and recommendations for enterprise leadership.
Recommends new technologies for domains based upon business value drivers and return on investment; drives new technologies towards implementation and exploitation.
Establishes overall systems architecture vision and ensures specific components are appropriately designed and leveraged; contributes to the holistic vision of Enterprise Architecture.
Takes responsibility for health of overall architecture for market segment.
Maintains components of architecture strategy and vision.
Maintains enterprise level blueprints.
Coordinates all enterprise-level conceptual architecture components (e.g., data architecture, application architecture, technical architecture).
Monitors usage of architectural components and assumes responsibility for reuse.
Drives system migration based upon roadmaps defined in enterprise and domain blueprints. Leads architecture strategy and vision for enterprise.
Ensures blueprints are refreshed as needs emerge or in accordance to plan of record changes.
Provides continuous consulting services and direction in projects and architectures.
Champions and responsible for enterprise level technology and architectural standards, guidelines, principles, frameworks, and reference models.
Defines systems, technical, and application architectures for new strategic initiatives; develops and maintains an architectural blueprint and evolutionary roadmap that defines and communicates the strategic dire