Principal Engineer, Security Architect

Primary LocationUnited States Remote FriendlyYes Employment TypeFull Time

Apply Now


Bellese Technologies is looking for someone with a passion for solving big problems in healthcare. We foster a learning environment that thrives on curiosity, innovation, and passion about improving healthcare in America. Our remote-first team is spread across 20+ states and leverages exceptional collaboration to amplify our strengths. We provide an environment focused around helping you achieve your goals. Because when you succeed, we all succeed.

The Principal Engineer, Security Architect will initially play a critical role in implementing and maintaining an effective information security program for the organization within the context of the Hospital Quality Reporting (HQR) contract, including the maintenance of the HQR Authority to Operate (ATO). The HQR system is a software solution utilized by the Center for Medicare and Medicaid Services (CMS) to assess the quality of care provided by hospitals, catering to both Medicare recipients and the broader U.S. population.

The Principal Engineer, Security Architect will then transition to support all contracts as well as contribute to business development and growth initiatives at Bellese. This role is responsible for protecting the confidentiality, integrity, and availability of the organization's information assets by identifying and managing risks, developing and implementing policies and procedures, conducting security assessments, and ensuring compliance with relevant laws and regulations.

The Principal Engineer, Security Architect will also support cross-functional development teams across various aspects, including design & architecture, application security, infrastructure & operability, and testing & quality assurance. This position will contribute to the organization's overall security posture while fostering collaboration with diverse teams and stakeholders, and promoting a culture of security consciousness and innovation.


  • Develop, implement, and maintain the organization's information security strategy and policies to protect sensitive (PII/PHI) data, infrastructure, and intellectual property.
  • Serve as the primary point of contact for all information security matters, including risk assessment, vulnerability management, and incident response.
  • Collaborate with IT and business stakeholders to ensure that security is incorporated in the design, development, and implementation of new and existing systems and applications.
  • Develop and oversee the implementation of security controls, procedures, and guidelines in compliance with CMS Acceptable Risk Safeguards (ARS), Federal Information Security Management Act (FISMA) requirements, and other applicable regulations.
  • Perform regular security audits and assessments to identify vulnerabilities, threats, and risks, and recommend appropriate mitigation strategies.
  • Oversee the Authority to Operate (ATO) process, ensuring that all necessary security documentation, such as System Security Plans (SSPs), Adaptive Capabilities Testing (ACT), and Plans of Action and Milestones (POA&Ms), are developed, maintained, and submitted in a timely manner.
  • Lead incident response efforts, including investigation, containment, and remediation of security incidents and coordinating with relevant stakeholders and external parties.
  • Establish and maintain relationships with external security vendors, partners, and agencies to enhance the security posture and obtain threat intelligence.
  • Provide security awareness training and education to employees, contractors, and partners, promoting a culture of security consciousness within the organization.
  • Evaluate and recommend new security technologies, tools, and best practices to enhance the organization's security capabilities and defenses.
  • Monitor and report on the organization's security posture and the effectiveness of security controls, providing regular updates to senior management and key stakeholders.
  • Develop and maintain documentation of security policies, procedures, standards, and guidelines, ensuring they remain current and relevant.
  • Provide expert guidance and mentorship to junior team members, fostering their professional growth and development.
  • Participate in industry conferences and forums to stay current on the latest trends, technologies, and best practices in information security.
  • Serve as a subject-matter-expert in security with clients, working to build trust in Bellese’s approach and qualifications.


  • A Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • CISSP, CISM, or other relevant security certifications.
  • A minimum of 7 years of experience (10+ preferred) in information security, with at least 5 years in a leadership role.
  • In-depth knowledge of CMS security requirements, FISMA, NIST security frameworks, and other applicable regulations.
  • In-depth knowledge and experience using the CMS CFACTS tool.
  • Strong experience delivering AWS-based cloud solutions that leverage EC2, ECS, Lambda, Cloudwatch, SNS, SQS, EventBridge, S3, RDS, DynamoDB, Glue, Elasticsearch, RedShift, ElastiCache, Athena, KMS, Secrets Manager, Security Hub, Inspector, Certificate Manager, and more.
  • Strong experience working with Java, Spring Boot, Python, Go, JS/TS, Angular, and other languages/frameworks.
  • Strong experience working with Terraform, Jenkins, Git/Github, New Relic, Tenable Nessus, SonarQube, Snyk, and other DevSecOps technologies.
  • Strong knowledge of information security principles, technologies, and best practices.
  • Strong knowledge of industry standards and government regulations related to information security.
  • Excellent communication, interpersonal, and leadership skills.
  • Strong analytical, problem-solving, and decision-making abilities.

Bellese offers

  • Three weeks paid leave
  • Flexible Schedule and Remote-First culture
  • $3000 annual education stipend
  • Work from home setup including Macbook (possibly used/refurbished)
  • Collaborative, learning environment
  • Health insurance
  • 401K Plan with Safe Harbor contribution


If you are still reading, we should talk. Take a few minutes to “Apply For This Job” and get the conversation started. Your future self will thank you. We look forward to talking to you.


Executive Order requiring COVID safety protocols

Bellese employees are Federal Workers and are subject to Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors, dated September 9, 2021 (published in the Federal Register on September 14, 2021, 86 FR 50985). As condition of employment, employees will need to provide either: a: proof of completed COVID vaccinations OR b: have an approved medical or religious exemption and proof of weekly COVID testing.

U.S. citizen or legal right to work in the United States without sponsorship

Bellese Technologies, LLC is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  In addition to federal law requirements, Bellese Technologies, LLC complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

EEO is the law:

EEO is the Law Poster Supplement

Pay Transparency:

Apply For This Job