Principal Architect, Cybersecurity

Make a difference. Be happy. Grow your career.

The Role

Nordic Consulting is seeking a seasoned Principal Security Architect with extensive experience in healthcare provider environments. The successful candidate will lead the design, implementation, and continuous improvement of security architectures that safeguard critical healthcare infrastructure, ensure compliance with healthcare regulations (such as HIPAA, HITRUST, and NIST), and enhance overall security posture.

Key Areas:

Client Delivery & Executive Oversight: Lead and oversee high-impact client engagements to ensure quality, consistency, and value delivery; serve as a trusted advisor to provider executives and health IT leadership teams.

Delivery Quality and Solution Ownership: Deliver high-quality consulting services to strategic clients, developing and implementing solution-based tools and solutions when needed.

Market Presence & Thought Leadership: Represent the firm in industry forums, contribute to thought leadership, and collaborate with business development teams to position the firm as a leader in healthcare cybersecurity and GRC.

Key Responsibilities

The Principal, Cybersecurity Architect will have the following key responsibilities, which include but are not limited to:

• Lead the design, development, and implementation of comprehensive security architecture frameworks tailored specifically for healthcare provider environments.
• Conduct thorough security assessments and risk analyses of IT infrastructure, clinical systems, and healthcare applications.
• Collaborate with cross-functional teams, including IT, clinical informatics, compliance, and business stakeholders, to integrate security controls seamlessly within clinical and administrative workflows.
• Provide strategic direction and technical guidance for cybersecurity initiatives, ensuring alignment with industry standards and best practices.
• Develop and maintain architecture documentation, standards, and reference models to support compliance, governance, and security operations.
• Advise clients on strategies for secure cloud adoption, digital transformation, and emerging healthcare technologies.
• Actively monitor and evaluate emerging cybersecurity threats, vulnerabilities, and industry trends to proactively strengthen the organization's security posture.
• Mentor junior security team members, fostering a culture of continuous learning and knowledge sharing

Qualifications:

Required:

• Generally, requires a Bachelor's degree and 12 years of related experience or a Master's degree and 8 years of related experience.
• Degree in Computer Science, Information Security, Healthcare Informatics, or a related field; advanced degrees preferred.
• Progressive experience in cybersecurity with at least 5 years specializing in security architecture within healthcare provider environments.
• Extensive knowledge of healthcare-specific regulatory requirements (HIPAA, HITRUST, NIST Cybersecurity Framework, HITECH Act).
• Demonstrated experience architecting solutions involving EHR systems (Epic, Cerner, etc.), healthcare interoperability, and clinical IT systems.
• Professional certifications such as CISSP, CISM, CCSP, CEH, or HITRUST Practitioner highly desired.
• Proven ability to communicate complex security concepts clearly to diverse stakeholders, including executives, clinicians, and IT teams.
• Strong analytical skills, including proficiency in risk assessment methodologies and security architecture frameworks (e.g., SABSA, TOGAF, NIST).

Preferred:

• Previous consulting experience in healthcare
• Previous senior-level experience/leadership in a hosptial organization
• Familiarity with firm operations, business development processes, and delivery methodology.

Additional details

• 80% remote position
• Travel up to 20% of the time, including to the Nordic home office in Madison, WI and client sites when needed.

This job description supersedes any previous job description.  The job description does not constitute an employment contract between the employer and employee and is subject to change by the employer as the needs of the employer and/or requirements of the job change.

The key responsibilities and additional details described here are representative of those that must be met by an employee to successfully perform the essential functions. Reasonable accommodations may be made to enable individuals with disabilities to perform some essential functions.

Nordic does not sponsor employment visas, and in compliance with federal law, anyone hired by Nordic will be required to verify identity and eligibility to work in the USA and to complete required employment eligibility verification document upon hire.

Nordic is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, marital or veteran status, or any other protected status under applicable federal, state, or local laws. We encourage individuals of all backgrounds to apply, including women, minorities, individuals with disabilities, and veterans.