×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security IT Consultant Information Security

Security Architect TPRM

Job in Draper, Salt Lake County, Utah, 84020, USA
Listing for: HealthEquity
Full Time position
Listed on 2025-12-02
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Consultant, Information Security
Job Description & How to Apply Below

Security Architect TPRM

Job Location:

US-Remote

Our Mission

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

Overview

How you can make a difference

We are seeking a technically skilled and cybersecurity-focused Security Architect TPRM to join our Third Party Risk Management (TPRM) team. This role is essential in evaluating and mitigating security risks associated with third-party vendors, with a strong emphasis on cloud technologies, secure integrations, and identity management.

The ideal candidate will have a deep understanding of different cloud service models (SaaS, PaaS, IaaS) and will collaborate with various cross-functional teams to ensure all third-party engagements comply with security and regulatory standards.

What you'll be doing

  • Conduct in-depth technical security assessments of third-party vendors and partners.
  • Evaluate vendor architecture, encryption practices, authentication mechanisms, and API integrations.
  • Master and leverage third-party security rating services (e.g., Bit Sight, Security Scorecard, Risk Recon) to inform risk decisions.
  • Develop a SaaS governance framework in partnership with key cross-functional teams such as Security Architecture and Identity & Access Management to mitigate the company's risk exposure.
  • Explore and evaluate the benefits of Software Bill of Materials (SBOM) compliance in third-party software.
  • Create Cloud reference architectures to illustrate control requirements across Azure, AWS, and GCP environments.
  • Identify and recommend appropriate security controls to mitigate risks associated with nascent generative AI platforms.
  • Leverage generative AI platforms to expediate due diligence and security compliance processes.
  • Assist the Product Security team in onboarding new operations partners and surfacing potential risks that could impact implementation.
  • Clearly differentiate between SaaS, PaaS, and IaaS platforms, including the types of secure connections required for integration, with a focus on ingress, egress and layers of defense to protect sensitive data.
  • Work with cross-functional teams to identify risks associated with shadow IT, and develop processes, procedures and controls to prevent, detect, and remediate risks.
  • Assist with the exploration, selection, and implementation of Third Party Risk Management (TPRM) software to enhance program efficiency and scalability.
  • Participate in the design of supply chain resiliency strategies that provide optionality during unforeseen events, helping to mitigate third-party and operational risk.
  • Collaborate with internal teams (Security, IT, Legal, Procurement) to ensure third-party engagements meet security and compliance standards.
  • Track and manage remediation efforts for identified risks.
  • Maintain and enhance risk assessment tools and documentation.
  • Stay current on emerging threats, technologies, and regulatory requirements.

What you will need to be successful

  • Bachelor's degree in Cybersecurity, Information Technology, a related field or equivalent experience.
  • 8 to 10+ years of related experience in information security, risk management, or third-party/vendor risk.
  • Knowledge of network topologies and risks.
  • Azure Cloud and Azure Virtual Desktop.
  • Encryption types (e.g., symmetric, asymmetric, hashing).
  • Network and application connection types (e.g., VPN, direct connect, SFTP, HTTPS).
  • Certificates and authentication protocols (e.g., TLS/SSL, OAuth, SAML).
  • Identity and Access Management (IAM).
  • API connection types and security risks.
  • SaaS, PaaS, and IaaS architectures, including secure integration methods.
  • Experience with tools such as Service Now and Dynatrace.
  • Experience with Yubi Keys or similar hardware-based authentication methods.
  • Knowledge of security frameworks (e.g., NIST CSF and AI, ISO 27001, SOC
    2).
  • Project management and cross-functional collaboration.
  • Technical acumen in cloud security, secure integrations, and AI risk mitigation.
  • Strong analytical, documentation, and communication skills.
  • Ability to assess and explain complex security risks to both technical and non-technical stakeholders.
  • Experience in regulated industries (e.g., finance, healthcare).
  • Knowledge of data privacy…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search