Lead Enterprise Security Architect

Location: Remote - USA

Remote Type: Remote US

Time Type: Full time

Job Description

Join the Team Modernizing Medicine

At ModMed, we’re not just building software—we’re reimagining the healthcare experience. Founded in 2010 by a practicing physician and a successful tech entrepreneur, we took a radically different approach: we hired doctors and taught them how to code. This "for doctors, by doctors" philosophy has allowed us to create an AI-enabled, specialty-specific cloud platform that places patients at the center of care.

A Culture of Excellence

When you join ModMed, you’re joining an award-winning team recognized for innovation and employee satisfaction.   From our global headquarters in Boca Raton Florida, and extensive employee base in Hyderabad India, we are a team of 4,500+ passionate problem-solvers on a mission to increase medical practice success and improve patient outcomes:

• Consistently ranked as a Top Place to Work

• 2025 Globee Business Awards: Gold Globee for “Technology Team of the Year”

• 2025 Black Book Awards: Ranked #1 EHR in 11 Specialties

• Florida Venture Forum: Venture-Backed Company of the Year

We are growing fast, thinking big, and we are just getting started.

Ready to modernize medicine with us?

Job Description Summary:

The Lead Enterprise Security Architect is responsible for setting technical direction, ensuring consistency, and driving outcomes for ModMed’s enterprise security architecture program. Acting as the senior-most individual contributor within the Security Architecture team, this role provides architectural leadership, decision alignment, and escalation support while partnering closely with engineering, cloud, and product leadership to ensure secure-by-design AWS solutions that meet PCI and HIPAA requirements.

What you'll do

Program Ownership

• Owns overall coherence and direction and is the final arbiter for architectural alignment within the program

• Collaborate with other Security Architects to design, maintain, and jointly define and curate security design patterns, reference architectures, and guardrails for bespoke AWS workloads

• Ensure consistency in how security architecture guidance is applied across teams, products, and platforms

Architecture Review and Engineering Enablement

• Provide final guidance and resolution when architecture reviews surface conflicting priorities or risk trade-offs

• Ensure review outcomes align with established enterprise standards

• Participate in and collectively operate security focused architecture review processes embedded within engineering design workflows

• Distribute review ownership across the team to scale coverage while avoiding bottlenecks

Cloud and Regulatory Security Architecture

• Translate PCI and HIPAA requirements into shared and reusable architectural patterns

• Ensure regulatory controls are addressed architecturally rather than through one off compensating controls

• Serve as the recognized security architecture authority across the organization and set expectations for how security architecture guidance is delivered and consumed

• Coach, mentor and develop Enterprise Security Architects through formal and informal leadership

Continuous Improvement and Measurable Outcomes

• Identify systemic architecture gaps and work as a team to prioritize and address them

• Measure effectiveness of the security architecture program including adoption and reduction in security findings

• Iterate on patterns and standards based on feedback from engineering teams and audit outcomes

What you'll bring

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Information Technology or equivalent education and experience

• Minimum of 7 years of experience in information security or related fields.

• At least 3 years of experience in a role focused on security architecture and design

• Proven experience with cloud security architecture

• Demonstrated experience leading or setting direction for security architecture across multiple teams or platforms

• Experience acting as an escalation point or decision authority for complex security design issues

• Expertise in cloud security, particularly AWS security services and best-practices

• Proficiency in security architecture methodologies and tools

A plus if you have

• Strong understanding of security frameworks and standards (e.g., NIST CSF, HITRUST)

• AWS Certified Solutions Architect

• AWS Certified Security

• CISSP Certification

• Proven experience in healthcare

• Proven experience in data security

#LI-DV1

ModMed Benefits Highlight:  At ModMed, we believe it’s important to offer a competitive benefits package designed to meet the diverse needs of our growing workforce. Eligible Modernizers can enroll in a wide range of benefits:

United States

• Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution,
• 401(k):  ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep.
• Generous Paid Time Off and Paid Parental Leave programs,
• Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs,
• Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed,
• Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning,
• Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles,
• Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters.

PHISHING SCAM WARNING: ModMed is among several companies recently made aware of a phishing scam involving imposters posing as hiring managers recruiting via email, text and social media. The imposters are creating misleading email accounts, conducting remote "interviews," and making fake job offers in order to collect personal and financial information from unsuspecting individuals. Please be aware that no job offers will be made from ModMed without a formal interview process, and valid communications from our hiring team will come from our employees with a ModMed email address ([email protected]). Please check senders’ email addresses carefully.  Additionally, ModMed will not ask you to purchase equipment or supplies as part of your onboarding process. If you are receiving communications as described above, please report them to the FTC website.