Enterprise Security Architect

Homecare Homebase is seeking a hands-on, engineering-first Enterprise Security Architect to help secure and accelerate our modernization of our EHR platform into a cloud-native future. This role is ideal for a senior security-minded software architect who thrives at the intersection of secure-by-design architecture and real implementation. Someone who can define security patterns and also write code to make them real in our platform.

This role will partner closely with Architecture, Engineering, Platform, Product, and Compliance to embed security into how we build—not as a gate at the end, but as a repeatable set of guardrails, paved roads, and automation. This role will ensure security scales with modernization and delivery velocity using both traditional techniques and leading-edge AI technology.

Define and maintain security reference architectures, standards, and reusable patterns for modern distributed systems and SaaS platforms.

Lead security design reviews for major platform changes, modernization initiatives, and new service development.

Create “secure defaults” that reduce risk while improving engineering throughput and consistency.

Embed secure development practices into how teams plan, build, test, and ship software (AI & automation-first).

Partner with engineering teams to implement scalable guardrails in CI/CD (policy, validation, prevention) without slowing delivery.

Improve secure delivery practices including dependency risk management, secrets hygiene, and build/release integrity.

Drive threat modeling as a standard engineering practice for meaningful architecture changes and new feature development.

Ensure threats are translated into real mitigations (architecture decisions, code changes, and automated validation).

Help teams proactively reduce risk by identifying trust boundaries, data flows, and attack paths early.

Establish secure patterns for containerized systems: image standards, runtime protections, network segmentation, and least-privileged service access.

Partner with platform engineering on Kubernetes and Azure security posture, including identity boundaries and secure workload patterns.

Build scalable guardrails that work across environments and teams—security that grows with the platform.

Build shared libraries, templates, SDKs, and platform components that make secure development the easiest path.

Contribute directly to production services and platform capabilities when needed to deliver secure patterns quickly.

Automate security controls and reduce repetitive work through tools and developer experience improvements.

Drive alignment across Architecture, Engineering, Compliance, and Product to close open audit issues and prevent recurrence.

Communicate clearly: write actionable guidance, design docs, and decision records that engineers actually use.

Serve as a trusted security partner—supporting teams with speed, clarity, and pragmatism.

• 8+ years of experience in software engineering, including designing and building large-scale systems.

4+ years leading application security, product security, or enterprise security architecture in modern software environments.

Strong development experience in C# / .NET with a track record of shipping real software (not just reviewing it).

Practical expertise with Linux, Docker, Kubernetes
, and cloud-native architecture patterns (Azure preferred).

Experience implementing secure development practices and operationalizing them across teams.

Working knowledge of threat modeling practices and how to integrate them into the SDLC.

Ability to influence engineering orgs through technical credibility, collaboration, and clear decision-making.

Experience/Exposure to leading AI based SDLC practices

Founded in 1999, Homecare Homebase, a subsidiary of Hearst Corporation is a market leader in healthcare software development providing mobile cloud-based solutions for clinical, operational, and financial improvement of home…