The Principal Cybersecurity Architect serves as the strategic and technical authority for security architecture at Empower, responsible for safeguarding our most critical systems, data, and infrastructure in a hypergrowth environment. By designing scalable, enterprise-wide security strategies and frameworks, this role ensures our platforms are resilient to evolving threats while maintaining compliance with industry regulations. Through visionary leadership and deep technical expertise, the Principal Cybersecurity Architect advances Empower’s mission to deliver innovative, affordable medication to 300 million people living healthier, happier lives.

• Leads the design and execution of enterprise-wide cybersecurity strategies that align with organizational goals and risk tolerance, integrating advanced security technologies, frameworks, and governance to protect critical systems and data.
• Translates complex business requirements and regulatory mandates into scalable, actionable architecture designs while driving secure implementation across infrastructure, applications, and cloud environments.
• Serves as the senior authority and subject matter expert across multiple cybersecurity domains, guiding architectural decision-making, supporting incident response, and ensuring long-term platform resilience.
• Identifies and mitigates architectural risks through comprehensive threat modeling, vulnerability assessments, and risk analyses, continuously enhancing the organization’s security posture.
• Defines and enforces cybersecurity architecture standards, patterns, and principles based on frameworks such as National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), International Organization for Standardization 27001, and other regulatory requirements including Health Insurance Portability and Accountability Act, General Data Protection Regulation, and Payment Card Industry Data Security Standard.
• Mentors junior technical staff and fosters a collaborative security culture, partnering with cross-functional teams—including information technology, software engineering, legal, and business stakeholders—to embed security across systems, workflows, and decision-making.

While performing job responsibilities, the employee is required to speak and listen. The employee is often required to remain in a stationary position for a significant portion of the workday and frequently uses their hands and fingers to handle or feel objects to access, input, and retrieve information from the computer and other office productivity devices. The employee is regularly required to move about the office and around the corporate campus. The employee is regularly required to stand, walk, reach with arms and hands, climb or balance, and stoop, kneel, crouch, or crawl.

• Extensive hands-on experience architecting and deploying enterprise security controls and services, with deep expertise in domains such as cloud security, infrastructure security, data protection, network security, identity and access management, and security operations.
• Expert-level understanding of leading security frameworks and methodologies, including NIST CSF and 800-53, ISO 27001/27002, CIS Controls, IEC 62443, MITRE ATT&CK, TOGAF, SABSA, and COBIT, with a track record of cross-functional collaboration and regulatory compliance in complex environments.

Key Competencies

• Customer Focus: Ability to build strong customer relationships and deliver customer centric solutions.
• Optimizes Work Processes: Know the most effective and efficient processes to get things done, with a focus on continuous improvement.
• Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives.
• Resourcefulness: Secures and deploys resources effectively and efficiently.
• Manages Complexity: Makes sense of complex, high quality, and sometimes contradictory information to effectively solve problems.
• Ensures Accountability: Holds self and others accountable to meet commitments and objectives.
• Situational Adaptability: Adapts approach and demeanor in real time to match shifting demands of different situations.
• Communicates Effectively: Develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences.

Values

• People: Our people define who we are as a company, and we believe that understanding and addressing the needs of our team, clients, and community is fundamental to fostering a culture of support and growth.
• Quality: Quality stands at the core of our mission, reflecting our commitment to excellence in every medication we produce.
• Service: We are here to serve others. Every interaction with our patients, providers, employees and other stakeholders comes from a place of service.
• Innovation: By continuously exploring new methodologies and embracing technology, we ensure that every solution we offer is at the forefront of pharmaceutical care.

• Minimum of 10 years of experience in cybersecurity with progressive leadership in enterprise security architecture, technical solution design, and risk management across multiple domains.
• Requires a bachelor’s degree in cybersecurity, information technology, computer science, or a related technical discipline; a master’s degree and/or advanced security certifications are strongly preferred.

• Certified Information Systems Security Professional (CISSP) strongly preferred; Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) preferred; certification in architecture frameworks such as TOGAF or SABSA preferred.

We offer comprehensive benefits to support your health, well-being, and future, including medical, dental, and vision coverage, paid time off, 401(k) matching, wellness perks, IV therapy, and compounded medications. Learn more: https://careers.empowerpharmacy.com/benefits/