This job has expired
This position was posted on September 13, 2025 and is likely no longer accepting applications. We've kept it here for historical reference.

Job Overview
Location: Pennsylvania, USA
Job Type: Full-time
Category: Software Engineering
Date Posted: September 13, 2025
Full Job Description
📋 Description
- Own the enterprise-wide data-protection and security-architecture vision for a $20-billion health & insurance ecosystem that serves millions of members and handles some of the nation’s most sensitive clinical, financial, and AI-derived data sets.
- Define and continuously evolve Zero-Trust, data-centric security patterns for hybrid-cloud, on-prem, and edge environments, ensuring every API, micro-service, data lake, and ML pipeline is “secure-by-design” and “compliant-by-default.”
- Act as the authoritative architect for AI/ML data security—guiding data scientists, MLOps engineers, and product owners on privacy-preserving model training, adversarial-attack mitigation, bias detection, secure feature stores, and responsible-data-handling practices that exceed HIPAA, HITRUST, and emerging AI regulations.
- Translate complex regulatory requirements (HIPAA, HITECH, state privacy acts, NIST 800-53, PCI-DSS) into concrete technical controls, reference architectures, and reusable code libraries that reduce audit findings by 30% and accelerate product release cycles.
- Build and socialize business-case-driven technology roadmaps that balance risk, innovation, and cost—presenting to C-suite, board cyber committees, and external partners with clear ROI, TCO, and risk-reduction metrics.
- Mentor a distributed community of 50+ security engineers, enterprise architects, and data stewards; create guilds, brown-bags, and design-review forums that upskill talent and embed security culture across Agile release trains.
- Lead post-merger & acquisition security-integration workstreams—evaluating target-company data-protection maturity, harmonizing identity fabrics, and delivering Day-1 secure-data-governance playbooks that protect patient trust and brand equity.
- Partner with Development, Cloud, Data-Platform, and Site-Reliability teams to embed automated data-classification, DLP, tokenization, and encryption controls into CI/CD pipelines—cutting mean-time-to-remediate sensitive-data exposure by 40%.
- Evaluate emerging tech (confidential computing, homomorphic encryption, synthetic-data generation, DSPM, AI-SPM) through rapid PoCs, vendor score-carding, and architectural-decision-records that keep Highmark Health two steps ahead of threat actors.
- Champion a “shift-left & shield-right” mindset—instilling threat-modeling, privacy-impact-assessments, and secure-coding patterns early in the SDLC while maintaining 99.99% uptime for mission-critical claims, clinical, and digital-health applications.
- Serve as the final escalation point for security-architecture incidents, providing concise, risk-based recommendations that protect member data and maintain service continuity during high-stress events.
- Continuously measure and report program effectiveness through OKRs, KRIs, and maturity models (e.g., BSIMM, SAMM), ensuring transparent progress toward a quantified, risk-reduced future state.
About Highmark Health
Highmark Health is a Pittsburgh-based integrated health care delivery and financing system. It combines the Highmark Inc. insurance business with Allegheny Health Network hospitals and physicians, plus a growing portfolio of health services companies. The not-for-profit system serves millions of members across Pennsylvania, West Virginia, Delaware, and New York, offering medical, pharmacy, dental, vision, and behavioral health benefits while operating inpatient and outpatient facilities, research programs, and community health initiatives aimed at improving population health outcomes.