Staff Security Architect (Cloud Security & Incident Response)

Staff Security Architect (Cloud Security & Incident Response) Prof Compounding Centers of America - 2.0 Houston, TX Job Details 10 hours ago Qualifications Cloud identity and access management (IAM) DevSecOps Practices Azure Incident management Continuous Delivery (CD) implementation OAuth 2.0 Infrastructure as Code (IaC) DevOps Threat detection & response Solution architecture design IT security architecture Access control implementation Decision making Security policy implementation Incident Investigation Cloud networking Cloud Architecture Design (Architecture design skills) Root cause analysis Senior level Cloud monitoring Escalation handling Incident response implementation Identity & access management Full Job Description Role Overview PCCA is seeking a Staff Security Architect to serve as a hands-on security architecture and cloud security engineering leader. This role partners closely with Enterprise Architecture, DevOps, Engineering, and Infrastructure teams to design and implement secure-by-default patterns—with a strong emphasis on Azure cloud deployments, identity and access management, and DevSecOps. The role also leads cybersecurity incident response across Precision Health Holdings' operating companies as needed; during active incidents, incident leadership becomes the top priority. Key Responsibilities Security Architecture & Cloud Security Engineering (Primary) Design and evolve

PHH/PCCA

security architecture standards, reference architectures, and security-by-default guardrails for cloud and hybrid environments. Partner with DevOps and Engineering teams to secure Azure deployments (networking, identity, compute, data, and platform services). Define secure patterns for CI/CD and Infrastructure-as-Code (IaC) pipelines, including policy-as-code and automated security controls. Architect identity solutions leveraging OAuth2 / OpenID Connect (OIDC), least-privilege access, and strong authentication mechanisms. Drive Zero Trust architecture initiatives across PHH/PCCA and its operating companies, including segmentation, device/user trust evaluation, and conditional access. Implement and tune cloud security controls (e.g., Azure Policy, Defender for Cloud, logging/alerting) and integrate telemetry into centralized monitoring/SIEM. Perform security design reviews and threat modeling for new systems, integrations, and major changes; document risks and recommended mitigations. Develop pragmatic security requirements and controls aligned to business risk and regulatory needs; help teams implement them efficiently. Create implementation-ready artifacts (runbooks, diagrams, reference configs) and provide hands-on assistance during builds and migrations. Cybersecurity Incident Leadership (As-Needed; Priority During Incidents) Lead technical incident response across PHH operating companies, coordinating containment, eradication, and recovery activities. Triage security events to determine whether incidents can be handled in-house or require escalation/engagement of the virtual CISO (vCISO) and/or external partners. Serve as a technical incident commander: manage timelines, coordinate responders, drive decision-making, and ensure clear communications to stakeholders. Conduct root cause analysis and lead post-incident reviews to drive preventive improvements (architecture, controls, detection, and process). Maintain and improve incident response playbooks, tooling, and escalation paths across subsidiaries to ensure consistent execution.