Cloud Security Architect - Federal​/DoD Programs - Remote

Position: Cloud Security Architect - Federal / DoD Programs - Remote
** Requisition number:
** 2340199

** Job category:
** Technology

Optum Tech is a global leader in health care innovation. Our teams develop cutting-edge solutions that help people live healthier lives and help make the health system work better for everyone. From advanced data analytics and AI to cybersecurity, we use innovative approaches to solve some of health care's most complex challenges. Your contributions here have the potential to change lives.

Ready to build the next breakthrough? Join us to start  
** Caring. Connecting. Growing together.*
* Optum Serve is seeking a highly experienced  Security Architect to lead security architecture strategy, solution design, and technical governance for regulated on-prem, cloud, and hybrid environments supporting federal and DoD healthcare missions. This role serves as a trusted advisor to engineering, platform, compliance, operations, and program teams, translating mission and regulatory requirements into secure, scalable architecture patterns.

The architect will define and guide secure multi-cloud and hybrid solutions aligned with DoD IL4/IL5, FedRAMP Moderate/High, NIST SP 800-53 Rev. 5, and DoD RMF (DoDI 8510.01), while partnering closely with delivery teams responsible for implementation and ongoing operations. This role will also help define target-state architectures and transition strategies for modernizing legacy on-prem systems into compliant cloud and hybrid environments.

The ideal candidate brings deep expertise in Zero Trust Architecture (ZTA), Dev Sec Ops , federal ATO processes, cloud modernization, and emerging technologies such as AI/ML, with a proven ability to balance mission delivery, compliance, and security in complex, highly regulated environments.

You'll enjoy the flexibility to work remotely
* from anywhere within the U.S. as you take on some tough challenges.
For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

*
* Primary Responsibilities:

*
* + Security Architecture Strategy & Collaboration

+ Define and maintain security reference architectures, design patterns, and technical guardrails for cloud and hybrid environments supporting federal and DoD healthcare workloads

+ Partner with cloud engineering, infrastructure, IAM, networking, application, data, compliance, and operations teams to embed security requirements into solution designs and modernization initiatives

+ Serve as the security architecture lead for new capabilities, major enhancements, and platform changes by conducting architecture reviews and providing risk-based design guidance

+ Translate regulatory, mission, and business requirements into practical security architectures that enable delivery while maintaining compliance

+ Collaborate with enterprise architecture, program leadership, and customer stakeholders to align security strategy with platform roadmaps and system lifecycle planning

+ Cloud & Hybrid Security Architecture

+ Lead the design of secure cloud and hybrid architectures aligned with DoD IL4/IL5, FedRAMP Moderate/High, NIST SP 800-53 Rev. 5, and DoD RMF (DoDI 8510.01) requirements

+ Establish architectural standards for network segmentation, encryption, key management, logging, resiliency, boundary protection, and secure service integration across Azure, AWS, and hybrid environments

+ Define hardening and configuration expectations using DISA STIGs, DoD SRGs, and CIS Benchmarks, in collaboration with platform and operations teams responsible for implementation and sustainment

+ Guide secure architecture decisions for systems handling PHI, PII, and CUI

+ Cloud Modernization & Legacy Transformation

+ Define secure target-state architectures and transition roadmaps for migrating legacy on-prem applications, infrastructure, and data platforms to Azure, AWS, and hybrid environments

+ Lead or advise on cloud readiness assessments, application rationalization, dependency mapping, and migration wave planning to determine appropriate modernization strategies such as rehost, replatform, refactor, replace, retain, or retire

+ Partner with application, infrastructure, IAM, network, and data teams to design secure migration patterns for legacy workloads, hybrid connectivity, identity federation, segmentation, data migration, resiliency, and observability

+ Establish security and compliance guardrails for interim hybrid states, including compensating controls for systems that cannot be fully modernized immediately

+ Guide modernization approaches such as containerization, API enablement, service decomposition, managed service adoption, and legacy platform decommissioning

+ Evaluate modernization impacts on authorization boundaries, control inheritance, shared services, and continuous monitoring to support ATO and compliance objectives

+ Advise teams on reducing legacy technical debt while preserving mission continuity, operational stability, and regulatory compliance

+ Zero Trust & Identity Architecture

+ Lead adoption…