Principal Security Architect

Direct message the job poster from Independence Pet Holdings

Principal Tech Recruiter at IPH (think pets!), Tabletop RPG Nerd (more than D&D)

Established in 2021, Independence Pet Holdings is a corporate holding company that manages a diverse and broad portfolio of modern pet health brands and services, including insurance, pet education, lost recovery services, and more throughout North America.

We believe pet insurance is more than a financial product and build solutions to simplify the pet parenting journey and help improve the well-being of pets. As a leading authority in the pet category, we operate with a full stack of resources, capital, and services to support pet parents. Our multi-brand and omni-channel approach include our own insurance carrier, insurance brands and partner brands.

Role Overview

In close collaboration with the CISO team, this role defines and governs enterprise security architecture for IPH, embedding security into all platforms, applications, and processes. The Security Architect will enable secure adoption of cloud-native services, AI-driven automation, and zero-trust principles across the enterprise, while ensuring compliance with global regulatory frameworks.

Key Focus Areas

• Establishing unified security architecture across multiple zones/domains/lines of business

• Driving Zero Trust adoption and identity-centric security

• Governing AI/ML security and Responsible AI aligned to NIST AI RMF

• Embedding security in Dev Ops and defining reusable security patterns

• Mapping controls to regulatory frameworks (PCI-DSS, SOC 2, HIPAA, GDPR/CCPA, NAIC, Quebec Law 25)

• Secure and Align with IPH Calandra Toolkit and Skylark Security Stack for standards and implementation

Key Responsibilities

• Enterprise Security Architecture (30%) Define and maintain security architecture standards for the enterprise (we are Microsoft technology, Azure-centric, Insurance-focused)

• Architect and govern Zero Trust across landing zones; implement unified Conditional Access and identity governance for Internal and external users.

• Publish reusable security patterns for multi-tenant and cross-brand scenarios

• Oversee security for AKS, API management, and cloud-native infrastructure

• Ensure alignment with Calandra Toolkit and Skylark Security Stack for architecture reviews and compliance

• Identity & Access Management (20%)

• Drive CIAM strategy (Ping vs Microsoft Entra External ) and support governance for unified identity across all brands

• Implement MFA with adaptive logic to reduce friction and cost while mitigating VOIP-based fraud

• Integrate IAM for all internal users.

• Compliance & Risk Management (20%)

• Architect and develop a security controls catalog mapped to PCI-DSS, SOC 2, HIPAA, GDPR/CCPA, NAIC, Quebec Law 25

• Support audits: evidence collection, control mapping, documentation, and posture improvement

• Embed KYC, AML, and ABC checks into Skylark workflows; automate OFAC, UK, and EU watchlist checks

• Cloud & Application Security (15%)

• Define secure patterns for APIs, microservices, and integration pipelines

• Implement container security, workload isolation, and encryption standards

• Drive Dev Sec Ops  adoption (SAST/DAST/Secrets/IaC) and govern Git Hub Advanced Security and Azure Dev Ops integrations

• AI/ML & Responsible AI Governance (10%)

• Architect security for Azure AI/ML platforms (Azure OpenAI, Copilot Studio, Databricks)

• Lead Responsible AI security governance aligned to NIST AI RMF

• Secure agentic workflows and Gen-AI integrations

• Strategic Leadership & Incident Response (5%) - Support the CISO with:

• Develop future-state security architecture roadmap aligned with IPH’s digital transformation goals

• Retain Tier-2 SOC capabilities in-house for compliance with NYDFS, PCI DSS, and ISO 27001

• Champion security automation and AI-driven threat detection

All of our jobs come with great benefits including healthcare, parental leave and opportunities for career advancements. Some offerings are dependent upon the location of where you work and can include the following:

• Basic Life Insurance at no cost to the employee

• Company paid short-term and long-term disability

• 12 weeks of 100%…