Senior Security Architect; Remote

Conexess Group is aiding a large healthcare client in their search for a Senior Security Architect in a remote capacity. This is a long-term opportunity with a competitive compensation package.

Please note we are unable to provide sponsorship or work c2c for this role.

The Security Architect collaborates extensively with architecture, development, product, and additional teams across the organization to embed security considerations throughout the solution lifecycle, from initial design to final deployment. In this capacity, this role maintains close partnerships with Customer IAM, Workforce IAM, and application teams to design secure IAM workflows and enhance API authorization, among other responsibilities. The Security Architect is accountable for defining security requirements, conducting comprehensive security design assessments, and offering remediation and mitigation guidance—particularly with respect to workforce and customer identity and access.

• Lead design reviews for platform, application, and cloud solutions; identify risks and recommend mitigations aligned to security best practices and internal security requirements.
• Maintain and expand the security architecture documentation library, ensuring consistency across requirements documents, frameworks components and design artifacts.
• Partner with IAM/CCOE to mature MFA and risk-based access patterns and document them in requirement, design patterns and other documents as required.
• Work directly with program and project teams to ensure that relevant security risks are identified, evaluated, and appropriate security solutions are implemented to manage risks to the enterprise.
• Responsible for the identification of architectural gaps and inefficiencies in new and existing solutions.
• Support remediation and mitigation efforts through appropriate planning and roadmap development.
• Strong work ethic and sense of urgency.
• Ability to influence technical discussions and decisions.
• Mentor others in security best practices and architectural approaches.

• BA/BS degree in MIS/Computer Science or related degree strongly preferred. Equivalent experience required in lieu of a degree.
• 5+ years’ experience in information technology experience.
• 1+ years’ experience in an information security architectural role or equivalent engineering experience; strong writing and communication skills expected.
• Experience with OAuth 2.0, OIDC, SAML, and federation patterns; ability to translate business requirements into secure, scalable identity designs.
• Solid grasp of provisioning and attribute flows (e.g., SCIM) and how they intersect with authorization policy.
• Working knowledge of token design (scopes/claims), mTLS/JWT validation patterns, token exchange, and session/security handling across SPs/IdPs.
• Demonstrated depth in IAM security and 1 other security domains such as: API security, data security, network security, etc.
• Professional Certification such as:
  • SANS GIAC Certification(s)
  • Certified Information Systems Security Professional (CISSP)

• Familiarity with legacy federation stacks (e.g., ISAM) and migration to modern patterns is a plus.
• Familiarity with Security life cycle, design review across concept, development through deployment.
• Experience with threat models (all 7 layers), security analysis.
• GIAC GDSA, SABSA or equivalent; IAM and/or AI related certs a plus.
• Cloud security certs (AWS/Azure/OCI/ CCSP) helpful.