We are seeking a skilled Security Architect (part-time) to join our team for a US-based SaaS Healthcare project. This role is integral in building and implementing a robust security architecture for a microservices environment. As a Security Architect, you will collaborate closely with cross-functional teams to ensure security standards are embedded across the development lifecycle of our SaaS platform.
Requirements:
- 2+ years of proven experience as a Security Architect.
- 6+ years of security experience across areas such as mobile security, secure coding, identity management, cryptography, network security, and system administration, with a focus on healthcare-related projects.
- Strong expertise in security engineering, authentication protocols, and cryptographic technologies.
- Deep understanding of microservices architecture and its security implications, particularly in cloud-based environments.
- Experience in designing and implementing security protocols and solutions at a business division or enterprise level.
- Strong understanding of network protocols (TCP/IP, IPsec, HTTP/HTTPS) and security protocols related to web services.
- Hands-on experience with secure architecture reviews, threat modeling, and secure coding practices.
- Excellent written and verbal communication skills to effectively engage with technical and non-technical stakeholders, especially in explaining complex security concepts.
- English at upper-intermediate level.
Responsibilities:
- Design and implement a scalable and secure architecture that aligns with the unique needs of a healthcare SaaS platform. Collaborate with development teams to ensure that security is deeply integrated into the design of microservices, APIs, and other system components.
- Conduct comprehensive security reviews for web and mobile applications, ensuring adherence to best practices in secure coding, encryption, and authentication methods.
- Identify potential threats to the system and develop threat models for both existing and upcoming projects. Ensure that vulnerabilities are mitigated before they impact the system or its data.
- Oversee the implementation of security controls at the business division level, ensuring compliance with healthcare security standards such as HIPAA. Work closely with DevOps teams to incorporate security automation within CI/CD pipelines.
- Lead the architecture and implementation of robust IAM solutions, including multi-factor authentication, identity federation, and secure session management, tailored to healthcare environments.
- Ensure that the platform meets regulatory requirements, including HIPAA, HITECH, and other relevant healthcare security regulations. Collaborate with legal and compliance teams to ensure that all security policies align with healthcare standards.
- Provide regular security training to development and operations teams, fostering a security-first mindset across the organization. Develop security guidance documentation for internal stakeholders.
- Conduct ongoing research on emerging security threats, tools, and best practices. Proactively enhance the security posture of the platform by implementing innovative security solutions.
- Develop and track key security metrics, using them to improve security operations and processes. Collaborate with internal teams to develop security tools tailored to the platform's needs.