Director of Enterprise Security Architecture

Our Company

BrightSpring Health Services

Overview

The Director of Enterprise Security Architecture is responsible for developing, leading, and maintaining the enterprise security architecture strategy that protects our IT infrastructure, sensitive data, and cloud-based services. This role oversees the design and integration of security controls across networks, systems, applications, and data, ensuring alignment with regulatory requirements (HIPAA, HITRUST, etc.) and industry best practices. This position demands a strategic thinker with the ability to integrate security measures seamlessly into our complex IT infrastructure, championing a security culture in this dynamic and fast-paced environment.

 

The Director partners closely with IT, Compliance, and Risk Management teams to enable secure business operations while mitigating cybersecurity risks.

Responsibilities

• Develop and lead the enterprise security architecture strategy spanning network, system, cloud, application, and data security domains, ensuring alignment with business objectives, industry standards, and regulatory requirements.
• Collaborate with IT and business leaders to integrate security architecture principles into all aspects of the enterprise architecture.
• Develop security architectural frameworks and governance models to align security strategies with business objectives.
• Lead security architecture reviews of new and existing IT initiatives to ensure security-by-design principles are embedded.
• Guide and oversee data security efforts, including data classification, discovery, access controls, and data loss prevention strategies.
• Serve as the subject matter expert on emerging security technologies and evolving threat landscapes.
• Lead security architecture governance processes, including standards development, reference architectures, and architecture review boards.
• Ensure architectural compliance with regulatory frameworks such as HIPAA, NIST, and HITRUST.
• Prepare and present security architecture strategy to executive leadership and stakeholders.
• Provide input into the development of the IT department budget and manage the operational budgets, including supporting major purchasing decisions.
• Support incident response and vulnerability management efforts through architectural insights and risk mitigation strategies.
• Ensure compliance with data privacy regulations and best practices in cybersecurity, identifying and mitigating technology-related risks.
• Establish and maintain relationships with technology vendors and partners. Identify industry trends, emerging technologies, and best practices to guide the future direction of the enterprise’s security landscape to maintain a competitive edge.
• Lead and mentor the team of security professionals, fostering a culture of security awareness and continuous improvement.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred)
• Relevant certifications such as CISSP, CCSP, Azure Security Certifications are highly desirable.
• Minimum of 10 years of experience in IT security, with at least 5 years in a leadership role.
• Deep expertise in network security, systems security, cloud security (AWS/Azure/GCP), and data protection
• Proven experience in designing and implementing enterprise security architectures in highly regulated industries.
• Experience with regulatory compliance and industry standards (e.g., HIPAA, ISO 27001, HITRUST).
• Healthcare experience strongly desired.
• Implementation of enterprise-wide security platforms within a large, diverse user base.
• Extensive experience within Azure ensuring data security through data classification, data segregation and data governance.
• Demonstrated experience in managing large-scale system migrations and integrations while meeting cybersecurity requirements with minimal disruption to business operations.
• Extensive experience and commitment to leveraging best practices in cybersecurity, project management and IT service management.
• In-depth knowledge of security frameworks, protocols, and technologies.
• Strong understanding of network security, application security, and data protection.
• Proficiency in risk assessment, vulnerability management, and incident response.
• Excellent leadership and team management skills.
• Strong analytical and problem-solving abilities.
• Effective communication and presentation skills, with the ability to convey complex security concepts to non-technical stakeholders.
• Possess deep expertise in formulating system data security strategies across multiple active directory domains and Azure tenants, ensuring data security while enabling interoperability and scalability within an enterprise-scale environment.
• Detailed understanding of user provisioning, including Identity and Access Management tools to provide single sign-on, multi-factor authentication and identity lifecycle management services which are essential to on-boarding and off-boarding processes in a high-turnover environment.
• History of cultivating and maintaining good relationships at all levels within the organization
• Excellent leadership and team management skills, with the ability to inspire and motivate cross-functional teams.
• Strategic thinker with outstanding communication and interpersonal skills, capable of engaging with both technical and non-technical stakeholders.

About our Line of Business

BrightSpring Health Services provides complementary home- and community-based pharmacy and provider health solutions for complex populations in need of specialized and/or chronic care. Through the Company’s service lines, including pharmacy, home health care and primary care, and rehabilitation and behavioral health, we provide comprehensive and more integrated care and clinical solutions in all 50 states to over 450,000 customers, clients and patients daily. BrightSpring has consistently demonstrated strong and often industry-leading quality metrics across its services lines while improving the quality of life and health for high-need individuals and reducing overall costs to the healthcare system. For more information, please visit www.brightspringhealth.com. Follow us on Facebook, LinkedIn, and X.