• Responsible for developing, implementing, and managing the company’s IT security program • Takes ownership of security operations to protect systems, data, and networks from emerging threats while complying with all security and privacy requirements • Perform internal audits, conduct vulnerability and penetration testing, and ensure that security controls are fully implemented and continuously monitored • Lead the definition, implementation, and ongoing governance of security architecture for internal IT and designated projects, programs, and products • Leverage the Unified Architecture Framework (UAF) to embed security considerations across the enterprise by identifying security assets, evaluating risks, and applying appropriate security controls throughout system lifecycles • Assess the organization’s current security posture, design and refine architecture-level mitigations, and establish sustainable processes for monitoring, incident response, and audit readiness • Act as both a strategist and a hands-on technologist; manage security tools, conduct internal assessments, and collaborate with system and network teams to integrate security as a cross-cutting concern across all operational and technical domains • Provide the leadership, expertise, and accountability necessary to ensure resilient, compliant, and well-architected security across enterprise systems • Collaborate with the IT infrastructure and DevOps teams to maintain secure configurations and compliance with security and privacy requirements • Communicate clearly with leadership, report on risk and readiness, and develop practical security roadmaps that keep pace with evolving threats • Apply NIST 800-53, FedRAMP Moderate, and CMMC 2.0 control requirements to Cloud and on-premises environments through documented policies, procedures, and technical safeguards • Maintain HIPAA-compliant configurations for systems handling ePHI, including access controls, encryption, and audit logging within Microsoft 365 and other regulated platforms • Support security assessments, evidence collection, and control audits across multiple frameworks to contribute to compliance reporting, continuous monitoring, and certification-readiness efforts • Implement, configure, and maintain controls for intrusion detection and prevention within the Microsoft 365 security ecosystem, including Defender ATP, Sentinel, and integration with network IDS/IPS tools where applicable • Assess complex security challenges, evaluate alternatives, and develop effective, compliant solutions across diverse technical environments • Support zero-trust architecture initiatives through authentication hardening, network segmentation, and endpoint control • Collaborate with DevOps and application teams to integrate security automation and continuous monitoring into CI/CD pipelines • Conduct periodic reviews of encryption and key management practices to adhere to policy and evolving best practices