Senior Cloud Security Architect

What will your days look like at LGI Healthcare Solutions?

LGI Healthcare Solutions improves the performance of healthcare organizations as well as the experience of teams and patients through its innovative technological solutions. In this context, we are looking for a Senior Cloud Security Architect (Azure) who will act as the leader for strategy, architecture, and security governance across all of the company’s Microsoft Azure environments. In this role, under the supervision of the CISO, you will work closely with the CloudOps team, within which you will be operationally integrated, while maintaining authority over strategic direction, risk management, and security standards.

Context of the Mandate

As part of evolving and strengthening our cloud security posture, we are seeking a senior architect capable of:

• Taking over and structuring Azure security architecture
• Significantly reducing the attack surface
• Eliminating uncontrolled public exposure
• Establishing formal and sustainable governance
• Defining and implementing a comprehensive cloud security strategy
• Ensuring sustainability and continuous improvement of the security posture

This is a strategic role. It is not a technical administration position, but rather a mandate focused on architecture, transformation, and structuring at the organizational level.

Primary Mandate

Define, implement, and maintain the overall Azure security strategy, ensuring:

• The design of secure architectures
• Integration of Zero Trust principles
• Governance of technical controls
• Structured cloud risk management
• Continuous and measurable improvement of the security posture

Responsibilities

1. Define Azure Security Strategy

• Develop and maintain the overall security strategy for Microsoft Azure environments
• Define the roadmap for cloud security transformation and maturity
• Establish a governance framework aligned with best practices (CIS, Azure Security Benchmark, Zero Trust)

2. Redesign and Secure Cloud Architecture

• Design secure and scalable Azure architectures
• Reduce the attack surface and eliminate uncontrolled public exposure
• Structure network segmentation, data protection, and technical identity management
• Define secure deployment standards (landing zones, subscriptions, workloads)

3. Implement Sustainable and Automated Controls

• Define and implement security guardrails (policies, standards, technical controls)
• Integrate security into CloudOps and DevSecOps practices
• Promote automation of controls and “security as code”

4. Strengthen Access and Privilege Governance

• Apply the principle of least privilege
• Govern RBAC roles, managed identities, and service principals
• Establish an auditable and controlled access model

5. Ensure Sustainability and Continuous Improvement

• Define logging, detection, and cloud monitoring requirements
• Collaborate with the SOC to optimize visibility and response
• Establish performance and maturity metrics
• Ensure continuous review of architecture and security standards