Information Security Architect

Job Summary

The Information Security Architect is responsible for designing, implementing, and maintaining the organization's information security strategy and architecture. This role ensures that security controls are integrated into systems, applications, and infrastructure, aligning with business objectives while protecting against evolving cyber threats. The architect will collaborate with stakeholders across IT, Legal, HR, Product, Engineering, other business units, and compliance teams to ensure adherence to security standards, frameworks, regulatory requirements and Masimo policy.

Duties & Responsibilities

Security Architecture & Strategy

• Develop and maintain the enterprise security architecture, ensuring it aligns with business strategy and IT initiatives.
• Define security requirements for new systems, applications, and network designs.
• Provide subject matter expertise on security best practices, frameworks, and emerging threats.

Solution Design & Implementation

• Evaluate, design, and implement security solutions, including firewalls, intrusion prevention systems, identity and access management, endpoint protection, and cloud security.
• Ensure secure integration of on-premises, cloud, and hybrid environments.
• Lead proof-of-concept (POC) testing for security technologies and recommend adoption where appropriate.

Governance, Risk & Compliance

• Ensure architecture is compliant with security frameworks such as NIST CSF, HITRUST, ISO 27001, and applicable regulatory requirements (HIPAA, PCI-DSS, GDPR, etc.).
• Collaborate with risk management to assess, document, and mitigate security risks.
• Maintain architectural documentation and enforce security design patterns.

Collaboration & Leadership

• Partner with enterprise architects, infrastructure teams, application developers, and business units to embed security into projects from inception.
• Provide mentorship and guidance to security engineers and analysts.
• Serve as a technical escalation point for complex security issues.

Monitoring & Continuous Improvement

• Research emerging threats and security technologies to improve defenses.
• Recommend enhancements to policies, standards, and procedures to strengthen security posture.
• Participate in security incident response activities, providing architectural guidance to containment and remediation efforts.

Minimum & Preferred Qualifications and Experience

Minimum Qualifications

• 7+ years of progressive work experience in information security or an equivalent combination of education and work experience.
• Deep knowledge of security frameworks (NIST, ISO 27001, HITRUST, PCI DSS), secure network and application design, and cloud security models.
• Hands-on experience with security technologies: SIEM, EDR, IAM, DLP, PKI, firewalls, vulnerability management, and encryption.
• Experience with AWS, Azure, or Google Cloud security architectures.
• Strong understanding of identity management, authentication, and access control principles.
• Strong knowledge regarding common attacks, attack methods, and defense architectures.
• istent application of this knowledge.
• CISSP (Certified Information Systems Security Professional) or other related information security certifications are required.

Preferred Qualifications

• Advanced degree in Cybersecurity or related field.
• Experience in highly regulated industries (e.g., healthcare, financial services).

Education

Bachelor's Degree in Computer Science, Engineering, MIS, Information Security, or related field of study or equivalent work experience.

Compensation: The anticipated range for this position is $145,000 - $170,000. Actual placement within the range is dependent on multiple factors, including but not limited to skills, education, and experience. This position also qualifies for up to 10% annual bonus based on Company, department, and individual performance.

Physical requirements/Work Environment

This position primarily works in an office environment. It requires frequent sitting, standing and walking. Daily use of a computer and other computing and digital devices is required. May stand for extended periods when facilitating meetings or walking in the facilities.

The physical demands of the position described herein are essential functions of the job and employees must be able to successfully perform these tasks for extended periods. Reasonable accommodations may be made for those individuals with real or perceived disabilities to perform the essential functions of the job described.