Are you ready to link your passion with a purpose? At AirStrip, we build technology that enables clinicians to diagnose earlier than ever before, accelerate life-saving interventions, reduce the cost of care, and save lives.
We provide mobile-first clinical surveillance and alarm communication management technology that unlocks siloed data from patient monitors and transforms it into contextually rich information easily accessible on mobile devices and the Web. We’re seeking innovative thinkers who love doing meaningful work. If you’re looking to bring your skills and expertise to a growing technology company, it’s time for you to join us!
AirStrip is adding a Lead Cybersecurity Architect responsible for defining, delivering, and maintaining enterprise security architecture across cloud, on‑prem, SaaS, and hybrid environments, ensuring security is embedded into platforms, applications, and major initiatives. The position leads threat modeling, security design reviews, and incident response while partnering closely with engineering, cloud, infrastructure, and SOC teams to enable effective detection, prevention, and remediation.
Responsibilities include, but are not limited to:
- Design, implement and maintain robust security architectures
- Mitigate risk and perform vulnerability management, coordinating with other teams to resolve findings.
- Lead incident response for security incidents and conduct post-incident analysis.
- Develop and implement data protection strategies for encryption and data loss prevention.
- Help define and maintain the enterprise security architecture, including reference architectures, patterns, and standards across cloud, on‑prem, SaaS, and hybrid environments.
- Assist in developing and maintaining multi‑year security roadmaps aligned to business objectives, risk appetite, and regulatory requirements (e.g., NIST, ISO 27001, CIS, PCI, HIPAA, GDPR as applicable).
- Lead threat modeling and security architecture reviews for new and existing systems, applications, and integrations.
- Evaluate emerging technologies (zero trust, SASE, EDR/XDR, IAM, data security, AI/ML, OT/ICS) and make recommendations based on risk, value, and operational fit.
- Lead end‑to‑end security design for major initiatives (e.g., cloud migrations, new customer‑facing platforms, identity modernization, network segmentation).
- Produce high‑quality security design artifacts: architecture diagrams, data‑flow diagrams, threat models, security requirements, and control mappings.
- Partner with enterprise, cloud, and infrastructure architects to ensure security is embedded in reference architectures and blueprints.
- Provide deep technical guidance to engineering and operations teams on secure design, implementation trade‑offs, and remediation options.
- Assist with data classification‑aligned controls for sensitive data: encryption (in transit/at rest), tokenization, DLP, key management, and privacy‑by‑design principles.
- Collaborate with application and product teams to embed application security practices: secure SDLC, code scanning, dependency management, secrets management, and secure APIs.
- Review high‑risk application designs and third‑party integrations; ensure appropriate controls for authentication, authorization, input validation, logging, and monitoring.
- Work with SOC, incident response, and threat intelligence teams to ensure architecture supports effective detection, investigation, and response (telemetry, logging, alerting).
- Participate in major incident response as a senior technical advisor, helping identify architectural weaknesses and longer‑term remediation.
- Translate threat intelligence and lessons learned into architecture updates, new controls, and design patterns.
- Map security architecture and controls to relevant frameworks and regulations (e.g., NIST CSF/800‑53, ISO 27001, SOC 2, PCI‑DSS) and support audits and assessments.
- Contribute to security policies, standards, and guidelines; ensure designs and implementations remain aligned with them.
- Mentor and coach other security engineers and architects, raising overall technical depth and architectural thinking across the team.
Education and Experience Requirements:
- Bachelor's degree in Computer Science, Management Information Systems, Cyber Security, Engineering, or a related field (commensurate experience may be considered in lieu of a degree)
- Minimum 8 years of previous experience working in information technology
- Minimum 5 years of previous experience working in IT security / cybersecurity
- Certifications: CISSP, CISA, CompTIA, GIAC
Required Knowledge, Skills, and Abilities:
- Experience researching, building, and implementing defensive security systems that are used against internal and external attack vectors
- Experience designing and building out application and network security monitoring to aid in detection or forensic investigations
- Background in intrusion detection, security investigations, and incident response
- Deep understanding of MITRE ATT&CK Framework and associated threat actor techniques
- Experience with “threat hunting”, i.e., using threat intel to proactively and iteratively investigate potential risks and find suspicious behavior in the environment
- Experience investigating data for anomalies in order to identify suspicious behavior
- Experience with Identity and Access Management (IAM), provisioning user accounts and access
- Solid understanding of SIEM tools (LogRhythm, Splunk, Elastic, etc.)
- Knowledge of compliance frameworks: ITIL, Zero Trust, HITRUST, ISO 27000 series frameworks, NIST, HIPAA
- Strong communication skills and excellent documentation practices
- Knowledge of securing Active Directory, AWS, Azure or similar cloud environments
The salary range for applicable US-based applicants to this position is below. The specific rate will depend on the successful candidate’s qualifications, prior experience as well as geographic location.
- $151,100 - $196,000 base salary.
We value each of our employees’ total wellness. From robust medical, dental, and vision insurance, to financial planning assistance, to physical and mental wellness discounts, and unlimited access to our online learning platform, we understand that our company succeeds when our employees succeed as individuals.
Additional notable US-employee benefits include:
- Paid Time Off (hourly) / Flex Time Off (salaried) programs for Full Time employees
- Growth and Development opportunities
- 401(k), including a 3% company match
- Paid Holidays
- Paid Parental Leave, including a flexible return-to-work program
- Employee Assistance Program
- Discounts on popular cell phone plan providers
- Life & Disability Insurance
- And more!
AirStrip provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.