Senior Data Security Architect

External

Mckesson · OH, Columbus

ContractOn-siteToday

AzureCI/CDClassificationComplianceEncryptionHIPAA

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

The Senior Data Security Architect is a specialized, senior individual contributor responsible for designing and governing the end-to-end data security architecture across CoverMyMeds' cloud and on-premises data ecosystem. This role bridges compliance frameworks (SOX, HIPAA, SOC 2, FedRAMP) with hands-on implementation of security controls at every layer of the data platform - from ingestion through Gold-layer consumption. The ideal candidate has implemented data rights and security governance at enterprise scale in healthcare or financial services environments, understands how security must be designed differently when external customers consume reports or data products, and can translate regulatory requirements into reusable, auditable architectural patterns on Databricks and Azure.

Responsibilities

Define and own the enterprise data security architecture across the CoverMyMeds data platform - spanning Databricks Unity Catalog, Azure Data Lake Storage, Azure Data Factory, and downstream BI/reporting layers.

Design and implement role-based access control (RBAC), attribute-based access control (ABAC), and row/column-level security patterns across Unity Catalog, ensuring controls propagate correctly from source to Gold-layer consumption.

Lead data rights enforcement architecture - designing entitlement models, consent-based access patterns, and contractual data tier controls that support both internal use cases and external customer data sharing.

Architect identity and access management (IAM) patterns integrated with Okta, Microsoft Entra ID, SailPoint, and CyberArk - covering human users, service accounts, and CI/CD service principals.

Define tokenization, de-identification, and encryption strategies for PHI/PII data across all platform layers, including selection and integration of tools such as Datavant for tokenization and Azure Key Vault for secrets management.

Design masking architecture across non-production environments, ensuring analysts and engineers can validate pipelines against production-representative data without exposure to raw PHI/PII.

Establish external-facing data security patterns for customer portals, partner integrations, and embedded analytics - including multi-tenant access isolation, data residency controls, and audit logging.

Build the SOX ITGC control evidence architecture: defining how logical access reviews (SailPoint UAR), change management audit trails (CI/CD deployment logs), segregation of duties, and privileged access restrictions are documented and evidenced.

Lead HIPAA, SOC Type II, and FedRAMP alignment across data platform controls - partnering with Legal, Compliance, and Privacy teams to ensure regulatory requirements are implemented as concrete platform controls rather than policy statements.

Partner with Data Engineering, SRE, and DBA teams to embed security controls into pipeline development standards, CI/CD deployment gates, and platform onboarding checklists.

Define data classification frameworks, PII/PHI tagging governance, and tag propagation standards across the medallion architecture - including accountability models for tag validation and so

Senior Data Security Architect

About the role

Responsibilities

Benefits

Additional Information

Your Match

Company Intel

What employees say

Interested in this role?