Sr. Director, Security Architecture and Operations

CAQH Position Summary: The Sr. Director, Security Architecture and Operations is a strategic leader with extensive handson experience, responsible for designing, implementing, and governing enterprise security solutions across cloud and enduser environments. This role is responsible for developing and maintaining a robust security architecture that safeguards user devices, collaboration platforms, productivity suites, identity systems, and core infrastructure. The goal is to ensure secure, resilient, and compliant security operations for all employees and business units. The Sr. Director, Security Architecture and Operations leads a team of security analysts, engineers, and architects to promote the adoption of modern security frameworks, such as Zero Trust. This position will be responsible for four primary functions: Security Architecture / Design Security Engineering / Implementation Security Operations and Incident response Application Security The Sr. Director, Security Architecture and Operations is a fulltime, remote, exempt position and reports to the CISO. Base Salary Range: $220,000 - $240,000 annually. Specific Responsibilities Assist the CISO in setting strategy and operating a modern, riskbased security program, champion a cloudfirst threat modeling methodology, and leverage CAQHs AI capabilities to increase consistency, coverage, and speedwhile keeping expert human judgment at the core. Partnering with Engineering, Product, Security, Compliance, and Technology, define patterns, standards, and guardrails that enable teams to build securely. Develop a cloudfirst threat model and attack tree methodology; support engineers through patternled, prereviewed development plans. Deliver bestinclass, riskbased, humanled security review processes across services and products, from design through production. Define and govern securebydesign architecture standards, reusable security patterns, and reference implementations for cloudnative services. Integrate security architecture into SDLC and platform workflows (design reviews, SDL gates, IaC, CI/CD), prioritizing automation and developer experience. Partner with Engineering, Product, Technology, Data, Privacy, and Compliance to mitigate risk, meet regulatory obligations, and improve resilience. Establish KPIs/OKRs (risk reduction, review SLAs, MTTR) and report progress and risk posture to leadership. Conduct and oversee highimpact architecture reviews, and vendor/thirdparty security assessments; guide buildvsbuy decisions. Translate emerging threats and standards into actionable guidance (e.g., cloud, secrets, data protection). Drive incident learnings back into design and controls; ensure auditability and documentation for internal/external reviews. Champion responsible use of AI and data handling in security tooling and processes, aligned with CAQH's security, privacy, and compliance guidelines. Designing and implementing enterprise security architecture that aligns with business needs and regulatory compliance. Defining and driving threat and vulnerability management strategies, proactively mitigating risks to infrastructure, applications and data. Respond to incidents swiftly and decisively through building effective data paths from telemetry generating services to SIEM. Supervisory Responsibilities Five (5) Information Security Team Members Skills Technical Depth: Expertise in cloud security, DevSecOps, EDR/XDR Incident Response: Demonstrated expertise in directing responses to advanced security breaches and incidents. Ability to present complex security topics to both technical and nontechnical executives Team Leadership: Skilled in leading, developing, and managing teams. Experience 10 years in IT, including at least 3 years in a leadership position such as Director, V.P. or head of Security. Demonstrated expertise in overseeing Security Operations Center (SOC) activities, administering SIEM platforms, and managing relationships with managed service providers (MSPs) and vendors. Education Bachelors degree preferred. Relevant industry certifications in CISSP, CISM, CCSP certifications preferred. Equal employment opportunity, including veterans and individuals with disabilities. #J-18808-Ljbffr