Cyber Security Architect

Are you ready for new challenges and new opportunities?

Join our team!

Current job opportunities are posted here as they become available.

The Senior Security Architect designs and drives the secure architecture of Data House platforms and client solutions across cloud and hybrid environments. This role leads threat modeling, control selection, and reference architectures aligned to ISO/IEC 27001, NIST, and HIPAA, partners with engineering to embed security in delivery pipelines, and advises public-sector and healthcare clients on compliance-aligned architectures. You’ll be a senior individual contributor with broad influence—mentoring engineers, shaping standards, and participating in architecture reviews and program governance.

* This position requires the candidate to be based in Hawaii and able to work on-site in Honolulu as needed.

• Architecture & Design: Define secure reference architectures (network, identity, data, application, and cloud) for AWS/Azure; champion zero-trust and least-privilege patterns.
• Risk Management: Identify, assess, and mitigate security risks to protect company assets, data, and systems from external and internal threats.
• Security Strategy Development: Develop and implement comprehensive security strategies and roadmaps that include key policies, procedures, and practices to safeguard the company’s information technology infrastructure.
• Security Compliance: Ensure that security architecture meets regulatory requirements and compliance standards, such as GDPR, HIPAA, or industry-specific regulations.
• Governance & Compliance: Translate ISO/IEC 27001, NIST (CSF/800-53/171), and HIPAA into practical architectures, patterns, and evidence requirements; support internal audits and renewals.
• Advisory & Reviews: Sit on internal and client architecture review boards; support executive-level guidance to SLED and healthcare clients.
• Collaborate with Leadership: Work closely with senior leadership, including the CTO, and other department heads, to ensure security strategies align with business priorities and technology initiatives.
• Incident Readiness: Partner with Sec Ops to refine detection logic, playbooks, and tabletop exercises; ensure architectures support rapid containment and recovery.
• Mentorship & Standards: Coach engineers; author standards, patterns, and runbooks; lead brown-bags and security awareness sessions for delivery teams.
• Vendor Management: Work with external vendors to evaluate and select security tools, technologies, and services to enhance the company’s security posture.

• Develop and implement frameworks for the secure design and deployment of cloud services, network infrastructure, and enterprise applications.
• Lead the evaluation and integration of new security technologies and methodologies to enhance the company’s security infrastructure.
• Collaborate with the IT department to ensure security controls are integrated into all software development and systems engineering processes.
• Define and enforce standards and best practices for secure software development, network security, data protection, and vulnerability management.
• Implement and continually improve the organization’s Information Security Management System (ISMS) to maintain ongoing ISO 27001 certification.
• Advise client leadership teams on IT governance, budget planning, security roadmaps, and risk management programs.
• Ensure security practices address requirements specific to healthcare, government, and other regulated industries.

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 6+ years of experience in information security, with at least 2 years in a senior security architecture role or similar management position.
• Proven experience in designing and implementing security architectures for large, complex systems across multiple platforms (cloud, on-premise, hybrid).
• Expert knowledge of security frameworks, such as NIST, CIS, ISO 27001, comparable ISMS frameworks, and experience with industry compliance standards.
• Strong understanding of network security, encryption technologies, access controls,…