Principal, Security Architecture

Cardinal Health

Olympia, WA

JOB DETAILS
SKILLS
Applications Security, Aviation Industry, Budgeting, Business Administration, Business Development, Business Practices, Business Strategy, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Career Counseling, Cloud Applications, Cloud Architecture, Coaching, Communication Skills, CompTIA Security+, Computer Security, Computer Services, Consulting, Continuous Improvement, Cross-Functional, Data Recovery, Design Patterns Programming Methodologies, Disaster Recovery, Ecosystems, Emerging Technology, Enterprise Architecture, Enterprise Protection, Error Handling, Financial Services, Government, Healthcare, ISO (International Organization for Standardization), Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Intrusion Detection Systems, Investment Strategy, Leadership, Machine Tool, Mentoring, Negotiation Skills, People Management, Problem Solving Skills, Process Development, Process Improvement, Product Lifecycle, Productivity Management, Project Estimates, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Security Architecture, Security Design, Security Monitoring, Software Development, Software Engineering, Standards Development, Standards Strategy, Strategic Planning, TOGAF - The Open Group Architecture Framework, Team Player, Technical Delivery, Technical Leadership, Technical Strategy, Technical/Engineering Design, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Usability Engineering, Viruses, Vulnerability Scanners
LOCATION
Olympia, WA
POSTED
1 day ago
**_What Information Security and Risk contributes to Cardinal Health_**

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

**_Job Summary_**

The Principal, Security Architecture is responsible for establishing, leading, and developing the security architecture strategy, standards, and design practices to enable secure, scalable, and resilient technology solutions across the organization. Reporting to the Vice President, Information Security & Risk, this role serves as a technical leader responsible for aligning security architecture with business priorities, risk management objectives, and enterprise GTBS strategies.

This role leads all aspects of security architecture, including architecture strategy and governance, technical security standards, solution design and advisory, architecture reviews, and tooling optimization. It plays a critical role in embedding security into the development lifecycle, guiding technology investments, and ensuring that security requirements are integrated into enterprise architectures and solutions from inception through deployment.

**_Responsibilities_**

**Organizational Leadership & Architecture Strategy**

+ Develop and lead the enterprise security architecture strategy aligned with cybersecurity, risk management, and business objectives
+ Establish governance frameworks and processes to guide secure design, technology selection, and solution deployment across the organization
+ Collaborate with cybersecurity leadership, enterprise architecture, and technology teams to define target-state architecture and long-term roadmap
+ Serve as an advisor to leadership on security architecture priorities, risks, and investment decisions

**Security Architecture Standards & Governance**

+ Develop, maintain, and enforce enterprise security architecture standards, including design principles, control requirements, and implementation guidelines
+ Ensure standards are aligned with regulatory requirements, industry frameworks, and organizational risk tolerance
+ Establish governance processes for adoption and enforcement of architecture standards across global cybersecurity and technology teams
+ Continuously update and refine standards to address emerging threats, technologies, and business needs

**Security Architecture Review & Validation**

+ Oversee architecture review processes to evaluate solutions and system designs against security standards, risk requirements, and enterprise architecture
+ Ensure security risks are identified, documented, and addressed prior to implementation
+ Provide approval and validation of security architecture decisions, including exception handling and risk acceptance processes
+ Drive consistency and quality in architecture review practices across teams

**Cybersecurity Advisory for Development & Design**

+ Provide proactive security guidance and risk-informed recommendations during solution design and development
+ Partner with application, engineering, and commercial technology teams to embed security requirements early in the development lifecycle
+ Support security-by-design reviews, pre-implementation assessments, and architecture decision-making for new initiatives and technologies
+ Act as a technical liaison to translate security requirements and risks for both technical and non-technical stakeholders

**Security Tooling & Architecture Optimization**

+ Assess, rationalize, and optimize the cybersecurity tooling landscape to reduce complexity, eliminate redundancies, and improve capability coverage
+ Ensure tooling aligns with enterprise security architecture and supports effective risk management and operational capabilities
+ Partner with engineering and infrastructure teams to integrate tools into the broader cybersecurity ecosystem
+ Drive continuous improvement of tooling strategy to support scalability, efficiency, and innovation

**Security Architecture Design & Engineering Enablement**

+ Define and support reference architectures, design patterns, and reusable security solutions to enable secure system development
+ Oversee and guide the implementation of security controls within applications, infrastructure, and platforms
+ Support teams in designing secure solutions that balance security, performance, scalability, and usability
+ Promote adoption of secure-by-design principles across development and engineering teams

**Capability Mapping & Roadmap Development**

+ Assess current and target security capabilities, mapping them to business priorities and risk requirements
+ Develop and maintain a phased roadmap to guide strategic security architecture investments and capability maturity
+ Align architecture initiatives with enterprise transformation efforts and emerging technology trends
+ Provide visibility into capability gaps and investment priorities to support strategic planning

**Stakeholder Engagement & Integration**

+ Collaborate with enterprise architecture, IT, engineering, risk, and compliance teams to ensure alignment of security architecture with enterprise initiatives
+ Partner with BISOs and business stakeholders to integrate security into business and technology strategies
+ Provide guidance and support for cybersecurity requirements in projects, ensuring alignment with architecture standards
+ Drive consistent communication and alignment across global cybersecurity and technology teams

**Talent Leadership & Capability Development**

+ Build and lead a high-performing security architecture team with expertise across domains such as cloud, application, infrastructure, and data security
+ Develop team capabilities through coaching, training, and structured career development initiatives
+ Foster a culture of technical excellence, innovation, and continuous improvement
+ Ensure alignment of team capabilities with evolving cybersecurity and business needs

**_Qualifications_**

+ 10+ years of experience in cybersecurity, security architecture, or information security, with a focus on enterprise architecture and solution design preferred
+ Deep expertise in security architecture frameworks, secure design principles, and enterprise technology environments
+ Strong understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements
+ Experience leading architecture reviews, defining standards, and guiding secure solution development
+ Demonstrated ability to collaborate with cross-functional teams and influence technical and business stakeholders
+ Strong leadership, communication, and problem-solving skills
+ Experience in a leadership role overseeing security architecture or engineering teams
+ Experience in highly regulated industries (e.g., aviation, financial services, healthcare, or government)
+ Advanced degree (MBA, MS in Cybersecurity, Information Systems, or related field) preferred
+ Professional certifications such as CISSP, CCSP, SABSA, or TOGAF
+ Experience with cloud security architecture, DevSecOps, and modern application development practices

**_What is expected of you and others at this level_**

+ Utilizes broad and deep knowledge to develop innovative new business practices, policies and procedures
+ Contributes to the development of department strategy
+ Works on or may lead highly complex projects of large scope
+ Projects are typically cross-functional and have significant and long-term impact
+ Provides solutions which set precedent
+ Negotiates complex or risky technical business issues on behalf of the company
+ Independently defines project, establishes budgets, identifies participants and mitigates risk
+ Consults with management to determine project objectives with long-term implications
+ Acts as a mentor to less experienced colleagues

**Anticipated salary range:** $135,400 - $208,100

**Bonus eligible:** Yes

**Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

+ Medical, dental and vision coverage
+ Paid time off plan
+ Health savings account (HSA)
+ 401k savings plan
+ Access to wages before pay day with myFlexPay
+ Flexible spending accounts (FSAs)
+ Short- and long-term disability coverage
+ Work-Life resources
+ Paid parental leave
+ Healthy lifestyle programs

**Application window anticipated to close:** 6/12/26 \*If interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._

_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._

_To read and review this privacy notice click_ here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)

About the Company

Cardinal Health

INDUSTRY
Other/Not Classified