**Enterprise Security Architect** **Location:** This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The **Enterprise Security Architect** is the enterprise's senior-most technical security architecture leader for modern platforms and emerging technology adoption. This role serves as a hands-on design authority and technical executive advisor - driving enterprise security architecture strategy, defining enforceable reference architectures and patterns, and governing secure implementation across Elevance Health's large-scale hybrid environments. The role leads the Enterprise Security Architecture (ESA) function and chairs the Security Architecture Review Board (SARB), partnering in lockstep with Enterprise Architecture to drive consistent, enforceable security-by-design decisions across the enterprise. This role operates at the intersection of enterprise strategy and deep engineering execution, providing decisive architectural direction for complex initiatives involving AI/ML (including GenAI/LLMs), Zero Trust, cloud platforms, cloud-native engineering (Kubernetes, containers, service mesh), identity, data protection, and secure SDLC/MDLC. The role is accountable for measurable outcomes: risk reduction, consistency of security-by-design, faster delivery through reusable patterns, and demonstrable compliance alignment. **How You Will Make an Impact:** + Produce executive-ready, audit-defensible architecture documentation (standards, reference architectures, patterns, roadmaps, and decision records) that aligns with regulatory, audit, and enterprise architecture governance requirements. + Own and evolve the enterprise security architecture vision for AI-enabled, cloud-first, Zero Trust-aligned platforms, including principles, standards, reference architectures, and reusable patterns. + Define and drive Zero Trust architecture patterns aligned to NIST Zero Trust Architecture (SP 800-207) and CISA Zero Trust Maturity Model (identity, device, network/environment, application/workload, data, and visibility/analytics). + Maintain, evolve, and expand enterprise AI security architecture and guardrails aligned to NIST AI RMF 1.0 and associated guidance for GenAI risk management profiles. + Define and maintain secure-by-default cloud reference architectures across AWS/Azure and GCP. + Partner in lockstep with Enterprise Architecture and OCISO stakeholders to operationalize governance through repeatable assessment methods, architecture reviews, and enforcement mechanisms, producing durable artifacts (reference architectures, patterns, standards, roadmaps, and decision records). + Chair and operate the Security Architecture Review Board (SARB), defining intake, review criteria, decision records, and exception processes; ensure timely decisions and appropriate executive escalation. + Develop and deliver concise, executive-ready briefings that translate security architecture tradeoffs into business impact, options, and recommendations for enterprise leadership. + Recommends new technologies for domains based upon business value drivers and return on investment; drives new technologies towards implementation and exploitation. + Establishes overall systems architecture vision and ensures specific components are appropriately designed and leveraged; contributes to the holistic vision of Enterprise Architecture. + Takes responsibility for health of overall architecture for market segment. + Maintains components of architecture strategy and vision. + Maintains enterprise level blueprints. + Coordinates all enterprise-level conceptual architecture components (e.g., data architecture, application architecture, technical architecture). + Monitors usage of architectural components and assumes responsibility for reuse. + Drives system migration based upon roadmaps defined in enterprise and domain blueprints. Leads architecture strategy and vision for enterprise. + Ensures blueprints are refreshed as needs emerge or in accordance to plan of record changes. + Provides continuous consulting services and direction in projects and architectures. + Champions and responsible for enterprise level technology and architectural standards, guidelines, principles, frameworks, and reference models. + Defines systems, technical, and application architectures for new strategic initiatives; develops and maintains an architectural blueprint and evolutionary roadmap that defines and communicates the strategic direction for these architectures in support of business and technical strategies; explains how the roadmap maintains and delivers cost effectiveness, business value, and competitiveness. **Minimum Requirements:** Requires an BA/BS degree in Information Technology, Computer Science or related field of study and a minimum of 8 years experience in architecture/design in relevant technology disciplines; or any combination of education and experience, which would provide an equivalent background. **Preferred Skills, Capabilities & Experiences:** + Demonstrated experience securing AI/ML and GenAI/LLM systems in production, including threat modeling and control design aligned to NIST AI RMF preferred. + Deep expertise implementing Zero Trust designs aligned to NIST SP 800-207 and mapped to maturity goals such as CISA ZTMM. + Strong experience in at least one hyperscaler (AWS/Azure/GCP) and cloud-native platforms (Kubernetes, containers, service mesh, CI/CD). + 2+ years architecting and deploying SASE/SSE at enterprise scale, including SWG, CASB, and ZTNA for tens of thousands of users across hybrid and cloud-first environments preferred. + Hands-on architecture leadership with leading SSE/SASE platforms (e.g., Palo Alto Networks Prisma Access / Prisma SASE, Netskope, and/or comparable enterprise platforms), including global policy design, resiliency patterns, and phased migrations from legacy proxies/VPN. + 3+ years leading an enterprise security architecture governance function and/or chairing an Architecture Review Board (SARB/ARB), including decision records and exception management. + Demonstrated executive presence and ability to influence senior leaders; translates security architecture risk and tradeoffs into business impact, options, and investment recommendations. + Experience operationalizing security architecture through repeatable review methods, measurable KPIs (e.g., time-to-decision, pattern adoption), and continuous improvement. + Working knowledge of risk management and compliance expectations in regulated environments; produces audit-defensible architecture artifacts in partnership with audit, legal, and compliance stakeholders. + CISSP (CISSP-ISSAP), CCSP, SABSA, TOGAF, CISM, CRISC (or equivalent EA/security architecture credentials) highly preferred. + Prior experience leading enterprise security architecture in a Fortune 100 / Fortune 50 / Fortune 10 environment with complex hybrid infrastructure, regulated data and multiple business lines preferred. For candidates working in person or virtually in the below location(s), the salary* range for this specific position is $194,920 to $318,960. Locations: New York, Illinois, Massachusetts. In addition to your salary, Elevance Health offers benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). The salary offered for this specific position is based on a number of legitimate, non-discriminatory factors set by the Company. The Company is fully committed to ensuring equal pay opportunities for equal work regardless of gender, race, or any other category protected by federal, state, and local pay equity laws. * The salary range is the range Elevance Health in good faith believes is the range of possible compensation for this role at the time of this posting. This range may be modified in the future and actual compensation may vary from posting based on geographic location, work experience, education and/or skill level. Even within the range, the actual compensation will vary depending on the above factors as well as market/business considerations. No amount is considered to be wages or compensation until such amount is earned, vested, and determinable under the terms and conditions of the applicable policies and plans. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities – and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact elevancehealthjobssupport@elevancehealth.com for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.